│ 1
Anti-money laundering and counter-terrorist financing measures The Turks and Caicos Islands
Mutual Evaluation Report
January 2020
Mutual Evaluation Report of the Turks and Caicos Islands
2 │
Table of Contents
Executive Summary ...... 6 Key Findings ...... 6 Risks and General Situation ...... 9 Overall Level of Compliance and Effectiveness ...... 9 Assessment of risk, coordination and policy setting ...... 10 Financial intelligence, ML investigations, prosecutions and confiscation...... 10 Terrorist and proliferation financing ...... 11 Preventive measures ...... 12 Supervision ...... 13 Transparency and beneficial ownership ...... 14 International cooperation ...... 15 Priority Actions ...... 15 Effectiveness & Technical Compliance Ratings ...... 17 Effectiveness Ratings ...... 17 Technical Compliance Ratings...... 17 MUTUAL EVALUATION REPORT ...... 18 Preface ...... 18 1. ML/TF RISKS AND CONTEXT ...... 20 ML/TF Risks and Scoping of Higher Risk Issues ...... 20 1.1.1. Overview of ML/TF Risks ...... 20 1.1.2. Country’s Risk Assessment & Scoping of Higher Risk Issues ...... 21 Materiality ...... 24 Structural Elements ...... 25 Background and Other Contextual Factors ...... 25 1.1.3. AML/CFT strategy ...... 25 1.1.4. Legal & institutional framework ...... 25 1.1.5. Financial sector and DNFBPs ...... 27 1.1.6. Preventive measures ...... 30 1.1.7. Legal persons and arrangements ...... 31 1.1.8. Supervisory arrangements ...... 32 1.1.9. International cooperation ...... 32 2. NATIONAL AML/CFT POLICIES AND COORDINATION ...... 34 Key Findings and Recommended Actions ...... 34 Immediate Outcome 1 (Risk, Policy and Coordination) ...... 35 2.1.1. Country’s understanding of its ML/TF risks ...... 35 2.1.2. National policies to address identified ML/TF risks ...... 40 2.1.3. Exemptions, enhanced and simplified measures ...... 41 2.1.4. Objectives and activities of competent authorities ...... 42 2.1.5. National coordination and cooperation ...... 43 2.1.6. Private sector’s awareness of risks ...... 44 3. LEGAL SYSTEM AND OPERATIONAL ISSUES ...... 46 Key Findings and Recommended Actions ...... 46
Mutual Evaluation Report of the Turks and Caicos Islands
│ 3
Immediate Outcome 6 (Financial Intelligence ML/TF) ...... 50 3.1.1. Use of financial intelligence and other information ...... 50 3.1.2. Access and use of financial intelligence and relevant information ...... 54 3.1.3. STRs received and requested by competent authorities ...... 56 3.1.4. Operational needs supported by FIU analysis and dissemination ...... 59 (a) Operational Analysis ...... 59 (b) Disseminations ...... 62 (c) Strategic Analysis ...... 64 3.1.5. Cooperation and exchange of information/financial intelligence ...... 65 Immediate Outcome 7 (ML investigation and prosecution) ...... 66 3.1.6. ML identification and investigation...... 66 3.1.7. Parallel Financial Investigations ...... 69 3.1.8. Consistency of ML investigations and prosecutions with threats and risk profile ...... 73 3.1.9. Types of ML cases pursued ...... 74 3.1.10. Effectiveness, proportionality and dissuasiveness of sanctions ...... 76 3.1.11. Use of alternative measures ...... 77 Immediate Outcome 8 (Confiscation) ...... 78 3.1.12. Confiscation of proceeds, instrumentalities and property of equivalent value as a policy objective ...... 78 3.1.13. Restraint Orders/ Freezing Orders ...... 78 3.1.14. Confiscation of proceeds from foreign and domestic predicates, and process located abroad...... 81 (a) Confiscations from Domestic Predicates ...... 81 (b) Confiscations, repatriation and sharing of proceeds derived from foreign predicates offences ...... 82 (c) Confiscation of Proceeds which have been moved to other countries ...... 83 3.1.15. Confiscation of falsely or undeclared cross-border transaction of currency/BNI ...... 83 3.1.16. Consistency of confiscation results with ML/TF risks and national AML/CFT policies and priorities .... 84 4. TERRORIST FINANCING AND FINANCING OF PROLIFERATION ...... 86 Key Findings and Recommended Actions ...... 86 Immediate Outcome 9 (TF investigation and prosecution) ...... 88 4.1.1. Prosecution/conviction of types of TF activity consistent with the country’s risk-profile ...... 89 4.1.2. TF identification and investigation ...... 89 4.1.3. TF investigation integrated with –and supportive of- national strategies ...... 91 4.1.4. Effectiveness, proportionality and dissuasiveness of sanctions ...... 91 4.1.5. Alternative measures used where TF conviction is not possible (e.g. disruption) ...... 91 Immediate Outcome 10 (TF preventive measures and financial sanctions) ...... 92 4.1.6. Implementation of targeted financial sanctions for TF without delay ...... 92 4.1.7. Targeted approach, outreach and oversight of at-risk non-profit organisations ...... 94 4.1.8. Deprivation of TF assets and instrumentalities ...... 95 4.1.9. Consistency of measures with overall TF risk profile ...... 95 Immediate Outcome 11 (PF financial sanctions) ...... 97 4.1.10. Implementation of targeted financial sanctions related to proliferation financing without delay ...... 97 4.1.11. Identification of assets and funds held by designated persons/entities and prohibitions ...... 97 4.1.12. FIs and DNFBPs’ understanding of and compliance with obligations ...... 97 4.1.13. Competent authorities ensuring and monitoring compliance ...... 98 5. PREVENTIVE MEASURES ...... 99 Key Findings and Recommended Actions ...... 99 Immediate Outcome 4 (Preventive Measures) ...... 101 5.1.1. Understanding of ML/TF risks and AML/CFT obligations ...... 101 5.1.2. Application of risk mitigating measures ...... 103
Mutual Evaluation Report of the Turks and Caicos Islands
4 │
5.1.3. Application of Customer Due Diligence (CDD) and record-keeping requirements ...... 105 5.1.4. Application of EDD measures ...... 107 5.1.5. Reporting obligations and tipping off ...... 110 5.1.6. Internal controls and legal/regulatory requirements impeding implementation ...... 111 6. SUPERVISION ...... 113 Key Findings and Recommended Actions ...... 113 Immediate Outcome 3 (Supervision) ...... 115 6.1.1. Licensing, registration and controls preventing criminals and associates from entering the market ...... 116 6.1.2. Supervisors’ understanding and identification of ML/TF risks ...... 119 6.1.3. Risk-based supervision of compliance with AML/CFT requirements ...... 121 6.1.4. Remedial actions and effective, proportionate, and dissuasive sanctions ...... 124 6.1.5. Impact of supervisory actions on compliance ...... 125 6.1.6. Promoting a clear understanding of AML/CFT obligations and ML/TF risks ...... 126 7. LEGAL PERSONS AND ARRANGEMENTS ...... 128 Key Findings and Recommended Actions ...... 128 Immediate Outcome 5 (Legal Persons and Arrangements)...... 129 7.1.1. Overview of legal persons and legal arrangements ...... 129 7.1.2. Public availability of information on the creation and types of legal persons and arrangements ...... 132 7.1.3. Identification, assessment and understanding of ML/TF risks and vulnerabilities of legal entities ...... 132 7.1.4. Mitigating measures to prevent the misuse of legal persons and arrangements ...... 134 7.1.5. Timely access to adequate, accurate and current basic and BO information on legal persons ...... 137 7.1.6. Timely access to adequate, accurate and current basic and BO information on legal arrangements ...... 139 7.1.7. Effectiveness, proportionality and dissuasiveness of sanctions ...... 139 8. INTERNATIONAL COOPERATION ...... 141 Key Findings and Recommended Actions ...... 141 Immediate Outcome 2 (International Cooperation) ...... 142 8.1.1. Providing constructive and timely MLA and extradition ...... 142 8.1.2. Seeking timely legal assistance ...... 148 8.1.3. Seeking other forms of international cooperation for AML/CFT purposes ...... 149 8.1.4. Providing other forms international cooperation for AML/CFT purposes ...... 149 8.1.5. International exchange of basic and BO information of legal persons and arrangements ...... 153 TECHNICAL COMPLIANCE ANNEX ...... 155 Recommendation 1 - Assessing risks and applying a risk-based approach ...... 155 Recommendation 2 - National Cooperation and Coordination ...... 158 Recommendation 3 - Money laundering offence ...... 160 Recommendation 4 - Confiscation and provisional measures ...... 162 Recommendation 5 - Terrorist financing offence ...... 164 Recommendation 6 - Targeted financial sanctions related to terrorism and terrorist financing ...... 166 Recommendation 7 - Targeted financial sanctions related to proliferation ...... 169 Recommendation 8 - Non-profit organisations ...... 171 Recommendation 9 - Financial institution Secrecy Laws ...... 175 Recommendation 10 - Customer due diligence ...... 175 Recommendation 11 - Record-keeping ...... 179 Recommendation 12 - Politically exposed persons ...... 181 Recommendation 13 - Correspondent banking ...... 182 Recommendation 14 - Money or value transfer services ...... 183
Mutual Evaluation Report of the Turks and Caicos Islands
│ 5
Recommendation 15 - New technologies ...... 184 Recommendation 16 - Wire transfers...... 185 Recommendation 17 - Reliance on third parties ...... 188 Recommendation 18 - Internal controls and foreign branches and subsidiaries ...... 189 Recommendation 19 - Higher-risk countries ...... 191 Recommendation 20 - Reporting of suspicious transaction ...... 192 Recommendation 21 - Tipping-off and confidentiality ...... 192 Recommendation 22 - DNFBPs: Customer due diligence ...... 193 Recommendation 24 - Transparency and beneficial ownership of legal persons ...... 194 Recommendation 25 - Transparency and beneficial ownership of legal arrangements ...... 199 Recommendation 26 - Regulation and supervision of financial institutions ...... 201 Recommendation 27 - Powers of supervisors ...... 203 Recommendation 28 - Regulation and supervision of DNFBPs ...... 205 Recommendation 29 - Financial intelligence units ...... 206 Recommendation 30 - Responsibilities of law enforcement and investigative authorities ...... 209 Recommendation 31 - Powers of law enforcement and investigative authorities ...... 209 Recommendation 32 - Cash Couriers...... 210 Recommendation 33 - Statistics ...... 213 Recommendation 34 - Guidance and feedback ...... 213 Recommendation 35 - Sanctions ...... 214 Recommendation 36 - International instruments ...... 216 Recommendation 37 - Mutual legal assistance ...... 217 Recommendation 38 - Mutual legal assistance: freezing and confiscation ...... 219 Recommendation 39 - Extradition ...... 221 Recommendation 40 - Other forms of international cooperation ...... 222 Summary of Technical Compliance – Key Deficiencies ...... 228 Glossary of Acronyms ...... 232
Mutual Evaluation Report of the Turks and Caicos Islands
6 │
Executive Summary
This report provides a summary of the anti-money laundering and combatting the financing of terrorism (AML/CFT) measures in place in the Turks and Caicos Islands (TCI) as at the date of the on-site visit held from September 10th - 21st, 2018. It analyses the level of compliance with the FATF 40 Recommendations and the level of effectiveness of TCIs’ AML/CFT system and provides recommendations on how the system could be strengthened.
Key Findings
a) The TCI has a fair understanding of its ML risks based on its NRA, which was a consultative process that included the participation of relevant private and public sector constituents. The process allowed the country to identify areas where further actions were necessary to improve the AML/CFT framework, reduce vulnerability to ML/TF risks and allocate national resources to mitigate against these risks. Still, the NRA did not fully address the ML risks associated with legal persons and arrangements, DNFBPs and FIs including the supervision of, and preventive measures applied to these sectors. As an International Financial Centre (IFC) with product and service offerings to foreign customers on a non-face-to-face basis, the TCI identifies and understands that there is an exposure to ML risks but did not fully assess the impact of those risks. b) The risk of TF is, however, not fully understood, as the NRA did not include consideration of relevant information, such as the cross-border movement of cash and bearer-negotiable instruments (BNIs) through Customs and the financial flows (including wire transfers) through the financial sector. c) Arising from risks identified in the NRA, competent authorities underwent considerable restructuring to their operations to better combat ML/TF risks. TCI also made significant changes to its AML/CFT framework that involved enacting and making key amendments to several legislations related to AML/CFT and other predicate offences. d) The TCI has demonstrated a willingness to implement risk mitigation measures to address its identified ML risks through the creation of the National AML/CFT Strategy (the National Strategy or the Strategy) and the National AML/CFT Action Plan. The authorities have commenced work pursuant to these national documents that included, among others, amendments to several key AML/CFT laws; changes in the administrative and investigative frameworks of some LEAs, such as the Financial Intelligence Agency (FIA), to improve their abilities to detect ML/TF matters; and implementation of several policies to prioritize ML investigation, prosecution and conviction. Efforts by the authorities are however not fully prioritised based on the risks posing the most significant threats to the TCI. e) Some sectors, specifically the banking sector has demonstrated that it does have some level of the understanding of the ML/TF risks in the TCI. However, this knowledge and understanding of risks do not transcend across the entire financial sector. Further, some FIs seemingly have a lack of knowledge about their STRs reporting obligations and the level of STRs reported across the financial sector is limited and not commensurate with the risk, context and materiality of the
Mutual Evaluation Report of the Turks and Caicos Islands
│ 7
financial sector, especially in light of the limited or absence in some circumstances of risk mitigation measures. f) The Financial Services Commission (FSC) is the oldest and most mature supervisory authority in the TCI and its mandates include the AML/CFT supervision of all FIs. The FSC has demonstrated that it is conducting its supervisory functions, including the conducting of both onsite and off-site inspections despite its limited resources. However, due to the recent conclusion of the NRA, the FSC has not fully implemented a risk-based supervisory program. Therefore, the risk-based supervision approach is in its infancy stage or is lacking in some instances. g) The FSC registration requirements and process for the DNFBPs under its remit are inadequate to prevent criminals and their associates from controlling, managing or influencing DNFBPs. Registration renewals are not consistently complied with by all DNFBPs or adequately enforced by the FSC, and no vetting, checks or other suitability requirements in place for the sector. Understanding of ML/TF risks in the DNFBP and FI sectors by the FSC is based on findings in the NRA and perceived assumption of risk. Accordingly, the sectors have not been subjected risk-based AML/CFT supervision nor any sanctions for failure to comply with AML/CFT requirements. Similar deficiencies exist for casinos and the remainder of the gaming industry, the latter of coming under AML/CFT regulations in the months prior to the onsite visit. h) DNFBPs have limited to no understanding of the current ML/TF risks that are affecting them and do not adequately apply/utilise AML/CFT risk mitigating measures. Serious deficiencies exist in the DNFBP sector regarding compliance with requirements for Customer Due Diligence (CDD), Beneficial Ownership (BO), Enhanced Due Diligence (EDD) measures for Politically Exposed Persons (PEPs), sanction screening – Targeted Financial Sanctions (TFS) for TF and Proliferation Financing (PF), and the filing of Suspicious Transaction Reports/Suspicious Activity Reports (STRs/SARs). i) CSPs and Professional Trustees (PTs) (which are classified as FIs in the TCI) underestimated and minimised the risk associated with their sector, as they believed that they are not susceptible to the level of ML risk as identified in the NRA. CSPs rely on CDD done by intermediaries which increases the risk that information may not be accurate. j) The Financial Intelligence Agency (FIA) has direct and indirect access to a wide range of financial and relevant information held in various databases to conduct its functions and has demonstrated that it is accessing such information. However, other competent authorities, including those responsible for ML investigations and other predicate offences have demonstrated that they make use of financial intelligence and financial information to some extent but need to use said information more consistently. k) Despite accessing and using financial and relevant information to conduct its functions, including operational analysis, the intelligence reports produced and disseminated by the FIA seemingly do not consistently support the operational needs of competent authorities due to the lack of demonstrable outcomes following the dissemination of its intelligence reports. This may be due to lack of resources (including human and technical) available to the FIA to conduct its operational analysis, and weaknesses in competent authorities, including key law enforcement agencies’ (LEAs’) ability to utilise and successfully incorporate financial intelligence in their functions to a greater degree. There also appears to be lack of understanding on how to effectively utilise the FIA’s product by competent authorities, primarily the FCU, due to lack of training in the area of understanding and effectively using financial intelligence. l) The Office of the Director of Public Prosecution (ODPP) should be commended for rendering guidance to LEAs at the earliest stage of ML investigations and implementing a policy to ensure that parallel financial investigations are conducted to identify possible ML offences. The TCI has recorded prosecutions and convictions for ML offences, however, the manner in which ML cases are identified, investigated and prosecuted is not consistent with the jurisdiction’s risk profile and
Mutual Evaluation Report of the Turks and Caicos Islands
8 │
the findings of the NRA. This includes lack of identification, investigation and subsequent prosecution during the period under consideration for ML cases, where proceeds were derived from commission of a foreign predicate offence, complex ML schemes and those involving legal persons. m) The TCI through the ODPP has implemented a policy mandating the tracing and identification of assets by the Financial Crimes Unit (FCU) in all cases the department received from LEAs for the purpose of confiscation. Nevertheless, this policy was implemented just prior to the on-site visit and has not resulted in any successful outcomes. The TCI has a strong legal framework and policy relative to confiscation and the authorities have demonstrated that they are restraining, confiscating and repatriating the proceeds of crime on the behalf of their foreign counterparts, especially through civil recovery provisions, albeit to a limited extent. The same cannot be stated for proceeds derived from the commission of domestic crimes. Overall, confiscation results in the TCI are not consistent with the policies and procedures in place, and the risk and context of the jurisdiction. This lack of outcomes may be due to competent authorities, including the FCU, Customs and Excise Department and the ODPP, lack resources and consistent training in the area of the tracing, identification and recovery of criminal proceeds including through civil recovery. n) There has only been one investigation involving TF offences in the TCI which did not result in any prosecution and conviction as the evidence did not reveal the commission of TF or any other predicate offence. The lack of investigations and prosecutions are commensurate with the findings of the NRA which found that TF is low. However, the NRA did not consider all factors relative to TF and the finding may not be accurate. Competent authorities, including LEAs, FIA and reporting entities, lack the necessary training and expertise to identify and investigate offences relating to TF. Therefore, instances of potential TF may not be properly identified in the TCI. o) There is a robust legal framework in place that calls for the implementation TFS for TF/PF without delay. However, the mode of communication used by the jurisdiction to disseminate listings and orders to FIs and DNFBPs does not result in prompt transmission of designations, freezing obligations and the relevant updates. While the FIs are generally aware of the sanctions lists and screen customers against those lists, the DNFBPs had limited knowledge and some did not screen customers against those lists. FIs and DNFBPs were not clear on the steps to be taken and measures to implement where there is a match against the UN Sanctions Lists. Based on the foregoing, the implementation of TFS-TF/PF may not be implemented without delay in the TCI. p) The NPO sector has been subjected to a desk-based review that the TCI indicated included an assessment framework that, among other things, took into account the inherent risks relevant to NPOs, pursuant to the FATF’s Best Practices Guidance Paper. The review provided a foundation for the country to begin understanding of any TF risk in the sector, but could however benefit from deeper analysis that adequately and clearly explore the sector’s vulnerability to TF, using information from all relevant sources such as dialogue with the sector. q) Competent authorities have access to basic BO information that is available in a timely manner. There are legal provisions mandating that basic and BO information be kept and obtained and most entities are adhering to such requirement. Nevertheless, PTs, as a result of their long- standing nature of the client relationship, are not updating their basic and BO information consistently and in a timely manner. This impedes these entities’ ability to ensure that basic and BO information are up-to-date and accurate. r) TCI provides mutual legal assistance (MLA) for matters including tax, extradition and other forms of international cooperation in a timely manner. MLA has been effectively provided by the jurisdiction to identify, restrain, confiscate and repatriate assets on behalf of foreign jurisdictions and is in keeping with the risk and context of the jurisdiction. However, TCI has not consistently sought international cooperation from foreign jurisdictions to assist with ML,
Mutual Evaluation Report of the Turks and Caicos Islands
│ 9
predicate offences and TF cases with transnational elements. The FIA and FCU demonstrated that they seek international assistance from their counterparts through forms of communication such as Egmont Group Secure Web (ESW) on a case by case basis and should be encouraged to use these methods to a greater extent.
Risks and General Situation
1. The TCI has undertaken a National Risk Assessment (NRA) that was completed and adopted by the Government in August 2017. The NRA was conducted using the World Bank (WB) Tool and involved both private and public sector officials. As a result of the NRA, the TCI was able to identify some of the ML/TF risks, threats and vulnerabilities to the jurisdiction. The TCI is largely vulnerable to ML based on its geographical location and due to the jurisdiction being an International Financial Centre (IFC). Criminal proceeds generated from offences such as, tax evasion, tax fraud and wire fraud committed abroad represent a major threat to the jurisdiction’s financial system. As a result of TCI’s geographical location, drug trafficking represents one of the main domestic threat to the jurisdiction’s financial system. Overall, the risk of ML occurring in the TCI is greater from international sources rather than from domestic sources due to the nature of the jurisdiction. 2. The TCI is not located next to any conflict area and has not been the subject of any terrorist activities. However, this does not mean that the jurisdiction is not susceptible to TF. The NRA considered that TF threat to be low, but the assessment of the TF risk did not consider critical risk factors such as the cross-border movement of cash through customs and through the financial sector. The TCI by virtue of being an IFC is exposed to some level of TF risk, however, the extent is unknown.
Overall Level of Compliance and Effectiveness
3. Since the last CFATF Mutual Evaluation in 2008, the TCI has progressively advanced the legislative framework to address gaps in the country’s AML/CFT framework. More than fifteen pieces of legislation were implemented, most notably the Proceeds of Crime Ordinance (POCO), which amended the 1998 law. Subsidiary legislation was introduced in 2010 in the form of the Anti-Money Laundering and Prevention of Terrorist Financing Regulations 2010 (AMLR), the Anti-Money Laundering and Prevention of Terrorist Financing Code 2011 (AML/PTF Code) and the Prevention of Terrorism Ordinance (POTO) 2014. An Anti-Money Laundering Committee (AMLC) was also established under POCO to coordinate ML/TF risk assessments and national AML/CFT policies. In the months preceding the on-site visit, the TCI made a significant number of amendments to its AML/CFT laws and other subsidiary legislation. 4. The legislative measures implemented by the TCI have significantly enhanced its technical compliance framework. TCI has been rated Compliant on 15 Recommendations (R.3, 4, 5, 9, 11, 12, 18, 20, 21, 25 27, 29, 30, 32 and 39), Largely Complaint on 9 (R.2, 6, 7, 24, 31, 33, 35, 37 and 28) and Partially Compliant on 16 (R.1, 8, 10, 13, 14, 15, 16, 17, 19, 22, 23, 26, 28, 34, 36 and 40). 5. In terms of effectiveness, the jurisdiction has achieved a moderate level of effectiveness for Immediate Outcomes (IOs) 1, 2, 5, 6 10 and 11 a low level of effectiveness for IOs 3, 4, 7, 8, and 9.
Mutual Evaluation Report of the Turks and Caicos Islands
10 │
Assessment of risk, coordination and policy setting (Chapter 2; IO.1, R.1, 2, 33 & 34)
6. The NRA provided a fair understanding of the national ML/TF risks but there were significant gaps since the findings were not adequately informed by regulatory, supervisory and law enforcement data, and as a result, does not give a complete picture of, or address all the risks, in the country. Human trafficking, human smuggling, corruption, fraud and illegal immigration were identified by some competent authorities as primary domestic predicate crimes but were not assessed in the NRA. The impact of international predicate crimes on the domestic system was also not assessed, although these crimes are considered to pose the greatest threat to the system. Appreciation of the extent of ML/TF risks associated with illicit cross-border flows was limited. The low rating for TF was not based on consideration of all relevant information and data, including out-going cash, financial flows through the domestic system as a result of TCI being an IFC, and NPOs’ vulnerability to TF. ML/TF risks presented by exempt companies are not understood to a satisfactory level, despite representing the majority of the companies formed in TCI. The ML/TF risks to the FI and DNFBP sectors were not examined with an adequate degree of intensity, including data/information from regulatory, enforcement and supervisory sources. 7. TCI has developed a National Strategy that contains several objectives and associated actions to address the risks identified in the NRA and is a good indicator of the country’s commitment to address their risks. Included in the Strategy, for example, are plans to improve data collection, regulate the gaming industry for AML/CFT purposes, extend AML/CFT supervision to DNFBPs, conduct effective AML/CFT supervision of FIs and NPOs, and improve ML/TF investigations and prosecutions. Nevertheless, the Strategy lacks national priorities to address the key domestic and international predicate crimes identified by the authorities. Some competent authorities were also not familiar with the contents of the Strategy and were unaware of their specific responsibilities under the document (such as the Gaming Inspectorate and the Integrity Commission (IC)). 8. The extent to which the authorities’ objectives and activities are informed by the Strategy is not understood to an acceptable degree, as the document was only approved and shared with competent authorities a few months before the on-site visit. The work that has commenced by the authorities pursuant to the Strategy does not appear to be risk-based, as matters deemed both high and low risk for ML/TF were being pursued simultaneously. 9. The AMLC is the formal mechanism for coordinating risk assessments and AML/CFT policy. Coordination at the operational level, is mostly done informally and is more evident among LEAs. However, several key authorities, including members of the AMLC and the FIA, have recently entered into a Memorandum of Understandings (MOUs) that allow them to cooperate and share information on matters relating to the investigation of ML, TF and other predicate crimes. 10. Despite the gaps in the NRA, broad agency participation and private sector inputs have inspired collective thinking about national ML/TF risks.
Financial intelligence, ML investigations, prosecutions and confiscation (Chapter 3; IO.6, 7, 8; R.1, 3, 4, 29–32)
11. The FIA is the main repository for financial intelligence in the TCI and has demonstrated that it has both direct and indirect access to the widest range information that is held by different agencies including the Royal Turks and Caicos Islands Police Force (RTCIPF) and the FSC, and those of the reporting entities (FIs and DNFBPs). Most of the competent authorities, primarily the FCU which is the premier LEA responsible for the investigation of financial crimes and ML, have
Mutual Evaluation Report of the Turks and Caicos Islands
│ 11
demonstrated that they are accessing and utilising financial intelligence to conduct their functions. Although the efforts of these competent authorities to access and utilise financial intelligence and relevant information is notable and commendable, they are not being done consistently and in keeping with the risk and context of the jurisdiction. 12. There have been some outcomes such as obtaining of investigative orders, prosecutions, convictions and confiscations from the access and use of financial intelligence by competent authorities. The outcomes can be enhanced by continuous training of LEAs regarding the effective use of financial intelligence. The FIA disseminates the product of its analysis to competent authorities, which has resulted in some tangible outcomes. The FIA can benefit from more human resources to adequately conduct its functions. 13. The FCU works closely with the ODPP in ensuring that all the pertinent information and evidence necessary for successful prosecution of ML is obtained. The ODPP is a proactive agency and is engaged at the earliest stage of a ML investigation. Despite the risk and context of the jurisdiction, the FCU is under-staffed, under-resourced and can benefit from continuous training especially in relation to the identification and investigation of complex money laundering schemes. The FCU is staffed by 4 Police Officers, 2 of whom is a senior RTCIPF officer, 1 of whom is responsible for administration and supervision of the unit. There have been minimal prosecutions for ML offences, including complex ML cases and the prosecution results are not commensurate with the ML risk profile and the findings of the NRA. The sanctions contained in POCO for ML offences are proportionate and dissuasive. The assessment team found that the application of these sanctions by the judiciary was effective, proportionate and dissuasive as they are guided by the sentencing guidelines and is required to take some mitigating factors such as facts and circumstances of the case prior to sentencing. 14. The TCI has a robust legal framework that allows for the confiscation of the proceeds of crime including civil recovery provisions. This is supplemented by the policy that was created and implemented by the ODPP, mandating that parallel financial investigation be conducted which identify assets for confiscation. This policy was implemented just prior to the on-site visit. However, with no tangible result, it appears that confiscation has not been pursued as a policy objective and is not consistent with the risk profile of the TCI. Very little assets have been restrained and confiscated in relation to domestic predicates and criminal proceeds that have been moved to other countries. However, in comparison, the authorities have demonstrated to a greater extent that they are restraining, confiscating and repatriating the proceeds of crimes when called upon to do so by their foreign counterparts. The limited number of cases for which restraints and confiscations have been pursued is not proportional to the number of convictions for acquisitive predicate offences over the period and the risk profile of the TCI. The lack of recovery of criminal proceeds, including the seizure and forfeiture of cash and BNIs in the jurisdiction, is largely due to the lack of resources (human and technical) and training of the competent authorities who are engaged in the identification, tracing and recovery of criminal proceeds.
Terrorist and proliferation financing (Chapter 4; IO.9, 10, 11; R. 1, 4, 5–8, 30, 31 & 39.)
15. TF was assessed as low risk by the jurisdiction in its NRA. However, the assessment failed to consider several factors, including that the Customs Department was not collecting information on out-going cash and not referring declarations to the FIA. This translates to undetected cash leaving the jurisdiction unknown to the authorities. There are challenges that exist within the system that do not allow for the proper identification and successful investigation of TF. Some of these challenges include lack of targeted training for officers of the FIA, FCU and ODPP in the area of TF, lack of awareness and guidance to FIs and DNFBPs on TF and the sanctions measures;
Mutual Evaluation Report of the Turks and Caicos Islands
12 │
and no comprehensive strategy to deal with TF should it occur1. During the period under review, the TCI has undertaken 1 potential case of TF. However, this case was closed as the evidence did not reveal TF or any criminal activity. 16. TCI has a robust legal system to implement TFS for TF/PF without delay pursuant to United Nations Security Council Resolutions (UNSCRs) 1267 and 1373. The FSC monitors compliance and implementation of the UNSCRs by FIs and DNFBPs. At the end of the on-site visit, no designations were made by the jurisdiction and there was no identification of terrorist property in the jurisdiction based on checks conducted by FIs and DNFBPs on their databases. The sanction lists and any updates relevant to sanctions and Orders are communicated to FIs and DNFBPs through the FSC’s website and emails. However, there is no prompt transmission of the sanctions lists and their updates by the FSC. 17. Routine screening, using various screening tools, are used by FIs to screen their customers against the different sanctions list. The use of screening tools, coupled with CDD measures employed by FIs decrease the risk of engaging in business with a terrorist, terrorist entity or terrorist financier. The DNFBP sector has limited knowledge of the UN sanctions lists and Orders and some businesses had no measures in place to screen customers while other inconsistently screened customers. There is lack of clarity among FIs and DNFBPs on the steps to be taken should there be a match against the UN sanctions lists and demonstrates the need for more supervision, guidance and outreach by the FSC. 18. The vulnerability of NPOs to being misused for TF purposes was not considered by the authorities during the conduct of the NRA. Nevertheless, in August 2018, just prior to the on-site visit, the FSC conducted a desk-based review of the operations of NPOs. A total of 196 NPOs operating in the jurisdiction was assessed with 4 considered to be high risk on the basis that they are engaged in the disbursement of funds outside of the jurisdiction. The assessment of vulnerability was not detailed in depth and in scope based on the information provided to the assessment team. Further, there is no risk-based supervision of the NPO sector to ensure they are not being misused for TF purposes.
Preventive measures (Chapter 5; IO.4; R.9–23)
FIs 19. The FIs demonstrated a generally good knowledge of AML/CFT requirements, with the banking sector having implemented relatively better AML/CFT policies and procedures. This was especially evident for those banks that are a part of a group structure since they are required to implement group-wide AML/CFT policies and programmes. In particular, these banks appear to have implemented the required customer due diligence (CDD) measures, record-keeping requirements and enhanced due diligence (EDD) where necessary. Their on-going monitoring mechanisms ensure that the relevant information for clients is obtained, maintained and updated accordingly. 20. Those banks and FIs that are not part of a group structure or which do not have international affiliates, have less stringent AML/CFT measures in place as their operations are based mainly on long-standing client relationships. These institutions also demonstrated insufficient understanding of the ML/TF risks related to their business operations. There is a heavy
1 Subsequent to the onsite visit, officers from the FCU along with other competent authorities attended a CFT training in Barbados in November 2018. This was followed by FCU authorities who attended this training sharing their knowledge as a result of this training through a one-day workshop held locally in March 2019.
Mutual Evaluation Report of the Turks and Caicos Islands
│ 13
reliance on introduced business, which is mainly informal relationships which are not supplemented by proper verification measures. 21. STRs/SARs reporting by all FIs is generally low, despite the presence of risk mitigation measures in some FIs. Although this sector has been provided with some guidance from the supervisor, there is a need for more training of the staff of FIs to identify suspicious activity. Adequate sanctions are necessary in instances where activities considered to be suspicious are noted during onsite examinations of FIs and have not been reported by the FIs. DNFBPs 22. Lawyers have a better appreciation and understanding of their ML/TF risks in comparison to other DNFBPs. This gap is based, in part, on the DNFBPs general view that there are limited possibilities for the misuse of their products and services for ML/TF. 23. Gaps in the understanding of AML/CFT obligations and national, institutional and sectoral ML/TF risks, significantly limit the application of effective risk-based mitigating measures by DNFBPs. Understanding of ML/TF risk is largely based on customer profiling (which is commonly predicated on the fact that the relationships have been long-standing), rather than on relevant risk factors (e.g. products/services, transaction, etc.), and is not informed by any ML/TF risk assessments conducted by the FSC or the sector. AML/CFT obligations regarding politically exposed persons (PEPs), targeted financial sanctions (TFS), beneficial ownership (BO), and screening measures are not understood at sufficiently granular levels to ensure compliance with the AML/CFT rules. 24. While basic customer identification and verification measures are carried out, full CDD measures are not undertaken because of the tendency of some DNFBPs to rely mostly on long- standing client relationships to satisfy CDD requirements. This weakens compliance with AML/CFT obligations to identify and understand customer risks. The requirement to terminate a client relationship based on an inability to perform CDD is understood by the DNFBPs. However, interviewed DNFBP representatives indicated that they have not filed any STRs/SARs on the basis of a refusal to establish a business relationship. Compliance with this requirement is also compromised in cases where adequate CDD is not conducted, because of over-reliance on close customer relationship. 25. There are instances of EDD measures for PEPs are being applied by the sector, but this is only limited to source of fund information and management approval. The sector understanding of PEPs is limited to domestic politicians and their families, a gap that would preclude application of EDD measures to the other PEP categories. 26. There are low STR/SAR filings among DNFBPs in light of the absence of risk mitigation measures. The assessment team attributes such low filings to several factors: lack of precise understanding of what constitutes a suspicious activity, general insensitivity to STR filings, lack of AML/CFT oversight and training in the identification of such activities.
Supervision (Chapter 6; IO.3; R.14, R.26–28, 34, 35)
FIs 27. The FSC is the competent authority that is responsible for the supervision of FIs. The FSC has implemented licensing and registration requirements which, if fully imposed, should prevent criminals and their associates from holding (or being the beneficial owner of) a significant or controlling interest, or holding management function, in FIs. The AML/CFT supervisory regime of FIs can be enhanced as the FSC has conducted very limited on-site examinations. Better
Mutual Evaluation Report of the Turks and Caicos Islands
14 │
coordination of these examinations and the implementation of a risk-based supervision should improve the assessment of risks in the various sectors. 28. The NRA revealed that the FSC has assessed the ML risks of FIs mostly based on the inherent risks associated with the sectors as there was no consistent supervisory activity of the sectors. The limited follow-up activity also did not provide any additional assessment of the ML/TF risks. Although the FSC can apply sanctions for failure to implement AML/CFT measures, the application of such sanctions has been limited. There is inconsistent, ongoing monitoring of remedial actions to be implemented by FIs. 29. Proactive outreach to the regulated businesses has increased with the joint coordination between the FSC and the FIA of meetings and workshops. This is expected to continue and should create greater awareness of AML/CFT obligations to FIs. DNFBPs 30. The FSC and the Gaming Inspectorate have been designated as the AML/CFT supervisors for DNFBPs with the latter having oversight for the gaming industry and the former having remit over the remaining DNFBP sectors. The fundamentals of an AML/CFT supervisory system are in place in the TCI, however, they are not being applied effectively to the DNFBP sector as none are adequately supervised or monitored for AML/CFT purposes. The authorities have commenced preliminary processes to bring DNFBPs under AML/CFT supervision but have not made any significant headways in this respect. The supervisors have begun conducting outreach/awareness activities to enhance the sector’s understanding of its ML/TF risks and AML/CFT obligations, but more frequented and targeted training is needed to bring the sector to better levels of AML/CFT compliance. 31. While the licensing regime for casinos is fairly robust, this is less the case for the remainder of the gaming industry. The FSC’s registration and renewal process for the other DNFBPs is neither consistently complied with, nor is it adequately supervised for compliance. Registration by the FSC also does not include adequate vetting measures to prevent criminals from operating in the sector. Source of funds (SOF) and source of wealth (SOW) information are not required for entrance into sectors, such as micro-finance and car dealers, both of which, based on the nature of their businesses, require significant capital injections for start-up and operations. 32. Supervisors’ understanding of ML/TF risks in the DNFBP sector is primarily based on generally perceived risk associated with the sector, rather than from specific ML/TF sectoral and thematic studies.
Transparency and beneficial ownership (Chapter 7; IO.5; R.24, 25)
33. TCI has implemented mechanisms to ensure that basic and BO information on the types and forms of legal persons is publicly available. Registers on companies and limited partnerships (LLPs) are maintained by the FSC. Through the NRA, TCI has been able to get an understanding on how legal persons and arrangements can be misused for ML and TF and has implemented some measures to mitigate such risk. However, there is a need for more supervision by the FSC of CSPs and Professional Trustees (PTs) as there is a lack of awareness by these sectors regarding their ML/TF risks. Additionally, more supervision is needed to ensure that CDD requirements are complied with since the on-site visit revealed that there is heavy reliance on intermediaries. 34. Based on discussions with the private sector, some CSPs and PTs have downplayed the risk associated with their sectors. There is heavy reliance by Professional Trustees on personal relationships with clients and not on CDD requirements. Additionally, some CSPs rely on BO information obtained by intermediaries. This makes legal arrangements more susceptible to being
Mutual Evaluation Report of the Turks and Caicos Islands
│ 15
misused. Further, these practices increase the risk of the information held by CSPs and Professional Trustees from being adequate, accurate and current and available to be provided in a timely manner. Competent authorities have timely access to basic and BO information whether kept by the FSC or registered agent.
International cooperation (Chapter 8; IO.2; R.36–40)
35. TCI is able to share information both domestically (among local competent authorities) and internationally with countries (formally through MLA and extradition and informally with foreign counterparts). However, more needs to be done to properly investigate and prosecute ML commensurate with the risks to the jurisdiction as well as TF offences that may have transnational elements. 36. The TCI provides a wide range of MLA to various countries including the exchange of tax information and BO information. The assistance provided by the jurisdiction is constructive and generally provided in a timely manner. Constructive assistance is also provided spontaneously and upon request through other means by the competent authorities and there are several MOUs with foreign counterparts. 37. On the other hand, the jurisdiction does not consistently use MLA or extradition as a means of seeking international cooperation. Based on the context of the jurisdiction being an IFC, the low number of requests by the TCI is not commensurate to its risk profile.
Priority Actions
38. The prioritised recommended actions for the TCI, based on these findings, are:
a) TCI should take steps to have a fuller understanding of the ML risks associated with legal persons, and all categories of DNFBPs and FIs. The country should also conduct risk assessments to develop a deeper understanding of the risk of TF, taking into consideration cross-border movement of cash including wire transfers and the movement and cash and BNI through customs. The assessment should include deeper evaluation of the NPO sector’s vulnerability to abuse for TF. b) The FSC should ensure that the CSP, legal, real estate, and trust sectors are complying with their obligations to identify their high-risk customers. The FSC should also ensure that these sectors undertake a review of these business relationships to determine compliance with current CDD requirements, with a particular focus on the origin of funds, beneficial ownership and PEP status. c) The FSC should develop and implement an appropriate AML/CFT risk-based supervisory regime for FIs and DNFBPs including an offsite and on-site examination cycles based on the findings of risks. The FSC should ensure that it enforces the ladder of sanctions for failure to comply with AML/CFT requirements and that all sanctions applied are effective, proportionate and dissuasive. The FSC should be provided with the necessary resources needed to conduct its functions. d) The FSC should conduct targeted outreach and training to FIs and DNFBPs on an ongoing basis to improve awareness of their AML/CFT obligations (including STR/SAR identification and filing), as well as ensuring that these sectors understand their ML/TF risks and are implementing risk- based preventive measures. Compliance failures in CDD, BO and PEPs requirements should be a priority of the FSC’s training and guidance to FIs and DNFBPs. e) The FSC should enhance its due diligence procedures for DNFBPs, particularly the legal and real estate sectors, which should include robust suitability and vetting checks, including financial and
Mutual Evaluation Report of the Turks and Caicos Islands
16 │
criminal background assessments. Condominium developers and their employees, auctioneers and other professionals that provide real estate services without being registered to do so, should be brought within the scope of national AML/CFT requirements. f) TCI should ensure that exempted CDD measures are justified by a proven finding of ML/TF risks and are not authorised for high risk regulated persons and customers in the PORCs and captive insurance sector until ML/TF risks within these sectors are properly identified, assessed and mitigated. g) DNFBPs should be specifically required to conduct ML/TF risk assessments at the institutional level which should include consideration of all relevant risk factors (e.g. customer information, transaction types, delivery channels, geography and product and services) within a reasonable time. Priority focus should be on the real estate and legal sectors. h) The FSC should provide awareness and guidance to FIs and DNFBPs on TFS and the steps to be taken once a customer is identified as a listed person or entity. i) There should be outreach and guidance to the NPO sector on how they can be misused for TF. j) The FIA should be provided with the requisite resources, including human resources and continuous training (mainly in the areas of operational and strategic analyses) to effectively conduct its functions. Further, the FIA should undertake a review of the manner in which it conducts its operational analyses. In addition, outside of feedback received from competent authorities, the FIA should identify other mechanisms, including hosting training and guidance workshops with competent authorities to sensitise them on the importance of the FIA’s intelligence products to their operations. The aim of these review and outreach by the FIA should be to ensure the products disseminated meets the operational needs of competent authorities. k) Competent authorities, primarily LEAs and prosecutors who are the largest users of financial intelligence, should be provided with the requisite training on the effective use and importance of financial intelligence to their functions. Such training should include the proper conversion of financial intelligence and relevant information into evidence, which would essentially lead to more demonstrable outcomes such as prosecutions, convictions and confiscation. l) LEAs should review the manner in which they identify and investigate ML and should seek to do so consistently with the ML risk profile of the country and the findings of the NRA. Greater focus needs to be given to complex ML cases, cases involving legal persons and those that may involve foreign predicate offences. Further, TCI should provide the relevant LEAs, especially the FCU and the IC, with the necessary resources (including human) and training to effectively conduct their functions. m) The FIA and the FSC should continue its outreach and training efforts to FIs and DNFBPs in an effort to have better quality reporting of STRs/SARs. Further, detailed feedback should be provided to the reporting entities by the FIA on the quality of the STRs/SARs submitted, and where possible deficiencies identified, recommendations provided on how to improve the quality and possibly the quantity of reports. n) Competent authorities responsible for recovery of criminal proceeds, including civil recovery provisions, should ensure that same is being done in a manner that is consistent with national policies and priorities, including the findings of the NRA and the policy document implemented by the ODPP. In an effort ensure that the foregoing objectives are achieved, LEAs should demonstrate that they are aggressively identifying, tracing assets particularly those that represents the proceeds of foreign predicates such as fraud, tax evasion and drug trafficking and properties of equivalent value,
Mutual Evaluation Report of the Turks and Caicos Islands
│ 17
and where identified, competent authorities should be applying for restraint and freezing orders. Further, LEAs, ODPP, AGC and the Judiciary should be provided with continuous training relative to confiscation and other provisional measures. o) FIs and DNFBPs should be provided with the necessary training and outreach to identify transactions that may have a nexus to TF taking into consideration, the amount of cross-border transactions, the context of the jurisdiction and funds that flows through the financial system. The authorities should also provide training to LEAs and prosecutors relative the identification and prosecution of TF offences. p) Taking into consideration the risk and context of the jurisdiction and the findings as detailed in the NRA (proceeds from foreign predicate offences), the TCI authorities should make more use of international cooperation including the use of MLA to seek assistance from the foreign counterparts to effectively investigate ML, associated predicate offences and TF, and to identify, trace and recover the proceeds of criminal conduct that may have been removed from the jurisdiction. Additionally, MLA should also be used to recover the proceeds of crime committed in the TCI that may not have been generated in the TCI. q) Competent authorities should ensure that basic and BO information are accurate and up to date. Further, competent authorities should ensure that CSPs and PTs are provided with more sensitisation on the ML/TF risks involved in the use of intermediaries and the reliance on third parties.
Effectiveness & Technical Compliance Ratings
Effectiveness Ratings2
IO.1 IO.2 IO.3 IO.4 IO.5 IO.6 IO.7 IO.8 IO.9 IO.10 IO.11 ME ME LE LE ME ME LE LE LE ME ME
Technical Compliance Ratings3
R.1 R.2 R.3 R.4 R.5 R.6 R.7 R.8 R.9 R.10 PC LC C C C LC LC PC C PC R.11 R.12 R.13 R.14 R.15 R.16 R.17 R.18 R.19 R.20 C C PC PC PC PC PC C PC C R.21 R.22 R.23 R.24 R.25 R.26 R.27 R.28 R.29 R.30 C PC PC LC C PC C PC C C R.31 R.32 R.33 R.34 R.35 R.36 R.37 R.38 R.39 R.40 LC C LC PC LC PC LC LC C PC
2 Effectiveness ratings can be either a High- HE, Substantial- SE, Moderate- ME, or Low – LE, level of effectiveness. 3 Technical compliance ratings can be either a C – compliant, LC – largely compliant, PC – partially compliant or NC – non compliant.
Mutual Evaluation Report of the Turks and Caicos Islands
18 │
MUTUAL EVALUATION REPORT
Preface
39. This report summarises the AML/CFT measures in place as at the date of the on-site visit. It analyses the level of compliance with the FATF 40 Recommendations and the level of effectiveness of the Turks and Caicos Islands’ (herein after referred to as ‘TCI’) anti-money laundering/counter-terrorist financing (AML/CFT) system and recommends how the system could be strengthened. 40. This evaluation was based on the 2012 FATF Recommendations and was prepared using the 2013 Methodology. The evaluation was based on information provided by the country, and information obtained by the evaluation team during its on-site visit to the country from September 10th - 21st, 2018. 41. The evaluation was conducted by an assessment team consisting of: • Joann Bond, Attorney General’s Chambers and Ministry of Legal Affairs, Guyana (legal expert). • Annette Beaumont, Bank of Jamaica, Jamaica (financial expert). • Kerstin Petty, Financial Services Regulatory Commission, St. Kitts and Nevis (financial expert). • Avinash Singh, Trinidad and Tobago Police Service, Trinidad and Tobago (law enforcement expert). • Carlos Acosta, Deputy Executive Director, CFATF Secretariat (Mission Leader). • Pedro Harry, Law Enforcement Advisor (Co- Mission Leader) • Joanne Hamid, Financial Advisor (Advisory Support) 42. The report was reviewed by Joris Rozemeijer, Public Prosecutor’s Office in Curacao; Chantal Goupil, Financial Transactions and Reports Analysis Centre of Canada (FINTRAC), Canada and the FATF Secretariat. 43. TCI previously underwent a CFATF Mutual Evaluation in 2008, conducted according to the 2004 FATF Methodology. The 2008 evaluation and 13 Follow-Up Reports (FURs) have been published and are available at the CFATF website. 44. That Mutual Evaluation concluded that the country was compliant with 6 Recommendations; largely compliant with 2; partially compliant with 20; and non-compliant with 12. TCI was rated compliant or largely compliant with 4 of the 16 Core and Key Recommendations. 45. In its 13th FUR, TCI successfully exited the 3rd Round follow-up process at the June 2016 CFATF Plenary based on the progress made on Core and Key Recommendations that were rated
Mutual Evaluation Report of the Turks and Caicos Islands
│ 19
PC/NC (R.1, 5, 10, 13, 23, 26, 35, 36, 40 and SR.I, II, IV) to a level that is comparable to at least an LC.
Mutual Evaluation Report of the Turks and Caicos Islands
20 │
1. ML/TF RISKS AND CONTEXT
46. The TCI is 1 of 6 British Overseas Territories (BOT) in the Caribbean comprising of the larger Caicos Islands and smaller Turks Islands which lie in the North Atlantic Ocean southeast of The Bahamas and north of Haiti, the Dominican Republic and the Antilles archipelago islands. The TCI consists of over 40 different islands, 6 inhabited islands and 2 privately developed islands, namely; Parrot Cay and Pine Cay. Several other private islands are in the process of being developed including Ambergris Cay and West Caicos. 47. TCI’s capital is Cockburn Town. At the last census, in 2012 the population was 31,458. TCI has excellent air services from the United States of America (USA), Canada, Europe and the Caribbean, as well as reliable domestic services throughout the island chain. Providenciales, the centre of the tourism and financial services sectors, is the most densely populated island. Tourism and offshore financial services are the main contributors to the country’s economy. TCI’s main trading partners are the United Kingdom (UK), the USA and Canada. The official currency is the United States of America dollar (USD). There is no Central Bank. 48. The TCI does not impose direct taxes but is financed by a consumption-based tax system, predominantly customs duties, which is supplemented by taxes and government fees such as stamp duties, passenger fees, accommodation tax and work permit fees. The total nominal gross domestic product (GDP) for the TCI in 2013 was USD 987 million, with per capita GDP at USD 27,850. 49. The 2 major economic drivers are tourism and financial services which contribute approximately 36% and 8% of GDP respectively, are derived predominantly from North America4. 50. As a BOT, the government of the TCI cannot sign or ratify international conventions. The UK is responsible for international affairs and must arrange for the ratification of any convention to be extended to the TCI. 51. The governance of the TCI consists of a parliamentary representative democratic dependency, whereby the Premier is the Head of Government, together with a multi-party system. The TCI Constitution Order 2011 provides for an elected government comprising of a Ministerial Cabinet and an elected House of Assembly. There are 3 branches of government: (i) the Executive, (ii) the Legislature and (iii) the Judiciary. Legislative power is vested in both the Executive Council and the House of Assembly. The Judiciary is independent of the Executive and the Legislature.
ML/TF Risks and Scoping of Higher Risk Issues
1.1.1. Overview of ML/TF Risks 52. The NRA was considered as a self-assessment by the TCI authorities. The process involved workshops and assessment sessions with representatives from competent authorities, FIs
4 The TCI National ML/TF Risk Assessment, August 2017- page 42
Mutual Evaluation Report of the Turks and Caicos Islands
│ 21
and DNFBPs. Additionally, the full NRA report was shared with both private sector and public sector stakeholders. Chapter 2 - IO.1 provides more details relative to the findings of the NRA. 53. As an International Financial Centre (IFC), the TCI is vulnerable to financial flows associated with foreign threats, including tax evasion and fraud5. The susceptibility of the jurisdiction to being used for ML/TF encompass factors which include its status as an IFC, the USD being the official currency, no income tax or capital gains tax and the high-end real estate market.
1.1.2. Country’s Risk Assessment & Scoping of Higher Risk Issues 54. In August 2017, the TCI completed its NRA using the Work Bank risk assessment tool. It concluded that the risk of ML occurring within the TCI is medium-high, while the risk of TF occurring within the TCI is rated as low. Table 1.1. Classification of Risk - FIs and DNFBPs based on the NRA
Classification of Risk Sectors Medium-High • Banking • CSPs • Independent legal professionals • Trust company business sector • Gaming Sector Medium • Real Estate sector • Accountants • High Value Dealers, such as persons dealing in auto sales, jewellers • Micro Lenders • Investment Companies • Money Service Business Medium-Low • International Insurance sector Low • Domestic Insurance sector
55. The assessment team, in identifying priority issues, reviewed materials submitted by the TCI on its ML/TF risks, including the NRA findings and information from reliable third-party sources (e.g. reports and publications from creditable international organisations). The following issues, considered as threats and vulnerabilities, were deemed as posing a higher ML/TF risk to the TCI. Foreign Threats a. Fraud: The NRA identified fraud as one of the foreign predicate offences from which illicit funds are derived and utilised to acquire property in the TCI. Also, the country’s financial system and borders are used as conduits to move cash to other jurisdictions. The TCI authorities have processed several MLA requests from foreign counterparts that identified significant amount of funds coming from North America involving various types of fraud, including wire fraud, health care fraud, and tax fraud6.
5 The TCI National ML/TF Risk Assessment, August 2017, p.9. 6 The TCI National ML/TF Risk Assessment, August 2017, p.9.
Mutual Evaluation Report of the Turks and Caicos Islands
22 │
b. Tax Evasion: The NRA identified tax evasion as one of the sources of proceeds of crime that flows through the jurisdiction7. TCI has been listed as a tax haven8 in the past and it has been quoted that TCI’s ‘trust legislation allows for asset protection insulating assets from civil adjudication by foreign governments’9. Trusts have been used to mask beneficiaries and the sources of their illicit gains, enabling them to evade their domestic tax reporting requirements; as a result, focus was placed in this area. c. Drug trafficking: The TCI’s location in close proximity to Haiti and The Bahamas makes it an ideal trans-shipment point for narcotics including cocaine. Further, direct flights between the TCI and The Bahamas, coupled with direct flights between Haiti and the TCI, has resulted in Bahamian smugglers travelling to Haiti via TCI with large amount of cash for their smuggling ventures. Moreover, reports from Bahamian law enforcement authorities suggest that traffickers from South America and Venezuela utilised remote airfields to airdrop cocaine to the TCI and The Bahamas10. For the period 2016-2017, TCI law enforcement officials recorded an increase of 21 cases for drug offences from the previous year. Further, there was a 28% increase in the detection rate for drug cases11. Domestic Threats a. Corruption: Nine (9) persons have been arrested, charged and prosecuted for a total of 24 ML offences, which are currently before the Court. Additional incidents of corruption involving the arrest and conviction of law enforcement and public officials have also been reported in the jurisdiction12. b. Other Predicate Offences: During the period 2016 to 2017 crime declined by 14% when compared to the previous year, to a total of 2,626 crimes which included 703 burglaries and 45 cases of aggravated burglaries13. Vulnerabilities
a. Misuse of legal persons and legal arrangements: There have been concerns about the capacity of regulatory authorities to supervise FIs and DNFBPs for compliance with their AML/CFT obligations. This is significant for the evaluation of the CSPs since they provide a critical gatekeeper role in the formation of companies and are the largest single sector by number of licensees, with some 37 licenses issued. The medium-high risk rating of the sector acknowledged the low levels of AML/CFT compliance, particularly the gaps in the monitoring of client activities and CDD. The inherent attractiveness of the sector to disguise ownership, its appeal to
7 The TCI National ML/TF Risk Assessment, August 2017, p.9. 8 See Listing of tax havens by the EU. Retrieved from: http://www.europarl.europa.eu/cmsdata/147412/7%20- %2001%20EPRS-Briefing-621872-Listing-tax-havens-by-the-EU-FINAL.PDF 9 Bureau of International Narcotics and Law Enforcement Affairs. Retrieved from: https://www.state.gov/j/inl/rls/nrcrpt/2014/supplemental/228031.htm 10 See The United States Department of State: International Narcotics Control Strategy Report Vol. 1, March 2017, p.100-101. 11 See Royal Turks and Caicos Island Police: Retrieved from: http://www.tcipolice.tc/20162017-crime-stats-released/ 12 See Turks and Caicos Island Police: Retrieved from http://www.tcipolice.tc/tomiko-glinton-plead-guilty-to-two- counts-of-acts-of-corruption/; Smith, Lewis –Independent Newspaper- December 2012- Michael Misick: Turks and Caicos premier 'who left office with USD 180m fortune' arrested Retrieved from: https://www.independent.co.uk/news/world/americas/michael-misick-turks-and-caicos-premier-who-left-office-with- 180m-fortune-arrested-8393734.html 13 Royal Turks and Caicos Islands Police: http://www.tcipolice.tc/20162017-crime-stats-released/
Mutual Evaluation Report of the Turks and Caicos Islands
│ 23
international customers and the TCI’s status as an IFC makes the jurisdiction especially vulnerable to the potential misuse of legal persons and arrangements by PEPs and criminals. Emphasis was placed on the supervision of the sector as well as on its implementation of AML/CFT measures generally and specifically in relation to requirements for beneficial owners and treatment of PEPs14. b. International Insurance Sector: This was assessed in the NRA as medium-low risk. The TCI has developed a niche market for the incorporation and licencing of Producer Owned Reinsurance Companies (PORCs), which are beneficially owned by the producers of the business that is reinsured. As at May 31st, 2017, the FSC was responsible for the supervision of 6,856 PORCs. The licensing of these entities has been increasing at the rate of approximately 700 per annum15. Focus was placed on the steps taken by the FSC to mitigate the risks of PORCs being used for ML/TF and being otherwise abused by criminals when forming companies for illicit purposes. c. Offshore and Domestic Banking sector: The assessment of medium-high risk in the banking sector was based upon the significant scale of activity through the banking sector in the jurisdiction, which includes exposure to non-resident account holders, with non-face-to-face activity. Attention was placed on both the offshore and domestic sectors. Focus was also placed on whether BO information is obtained, recorded and maintained by FIs. Failed institutions in the past exhibited issues with the local management’s capacity to manage risks properly and there were also challenges for the FSC to address problems promptly. There are similar types of concerns about FIs which are headquartered in the Caribbean while others have complex, non- transparent ownership structures (including parallel banks) that challenge consolidated supervision16. Consequently, focus was placed on both the supervision of the offshore and domestic banking sectors and the implementation of preventive measures within the sectors, especially regarding requirements to maintain BO information. d. DNFBPs: The legal profession is acknowledged to be an important gateway in the TCI’s AML/CFT regime because of the sector’s integral role in property transactions. Notably, almost 50% of law firms are linked by commonality of shareholders/directors and business premises with CSPs licensed to conduct company formation activities. The coalescence between these 2 business activities has created the potential for the legal profession to be abused by criminals using legal services for the acquisition of assets of value (real estate), and for criminals to engage in company formation to obscure ownership. Consequently, focus was placed on preventive measures established by legal professionals, the real estate sector and by FIs (including CSPs, which are treated as FIs in TCI) to mitigate the risks involved in dealing with legal professionals and the real estate sector, as well as on the levels of supervision of this sector. 56. The following was identified as an area of lesser focus based on the information contained in the NRA and the absence of any publicly available data: a. Terrorist financing or terrorist acts: There are no known ties to TF or support for terrorism in the TCI and the threat of TF or other involvement with terrorism internally or externally to the TCI is considered low17. The NRA stated among other things that there were no SARs submitted to the FIA, nor any prosecutions relating to suspected TF. The FSC is the designated supervisor of the NPO sector and in a review of 181 registered NPOs, only a few were categorised as high-
14 The TCI National ML/TF Risk Assessment, August 2017, p.89. 15 The TCI National ML/TF Risk Assessment, August 2017, p.86. 16 IMF Report of the Financial System Stability Assessment for Turks and Caicos Islands, 2015, page17. Retrieved from: https://www.imf.org/~/media/Websites/IMF/imported-full-text-pdf/external/pubs/ft/scr/2015/_cr15282.ashx 17 Response provided by TCI authorities in the Effectiveness submission, p. 6
Mutual Evaluation Report of the Turks and Caicos Islands
24 │
risk category due to overseas remittances from and to countries (and neighbouring countries) related to known terrorist activity18.
Materiality
57. The TCI is an IFC with no capital and income gain taxes. The TCI has large banking, insurance, and asset management sectors with (mostly offshore) assets of USD 4.23 billion (666% the size of the 2017 GDP). The financial services sector is the second major contributor to the country’s GDP (reported as 9.9% for 2017) and is dominated by the banking sector in terms of assets size. As at June 30th, 2018, the 6 banks which hold both national and overseas licences had a combined asset base of USD 2.26 billion, with 90% of these assets held by 1 British-Belizean bank and 3 Canadian banks. The banking sector is comprised of 7 commercial banks. 58. Like the banking sector, the securities and the trust sectors have sizeable amounts of assets under management. As of December 31st, 2017, the securities sector had USD 884 million assets under management and administration with more than half of those funds invested/administered by 1 fund manager. As at June 30th, 2018, the trust sector, comprising mostly ‘small boutique firms’ that provide general trust services, had USD 848.1 million of assets under management, 77% of which is held by 4 trust companies. The trust sector also provides prepaid credit card services, mortgage funding and investment as ancillary services to their licenses. 59. The CSP sector, which provides company formation services, is the largest single sector by number of licenses, with 376 licenses issued. As at March 31st, 2018, there were 16,589 companies incorporated or registered in TCI. Approximately 10,653 (64%) of those companies are exempt companies, which are incorporated by CSPs and do not conduct business in the TCI. These include Producer Owned Reinsurance Companies (PORCs), captive insurance companies and companies which include asset holding vehicles for both corporations and individuals. 60. The International Insurance Sector in the TCI consists of 2 categories of companies – captive insurance companies and PORCs and was assessed in the NRA as medium-low risk. As at June 30th, 2018, there were 69 licensed captive insurance in the TCI of which 61 are general insurers and 8 offer long term insurance. The TCI has developed a niche market for the incorporation and licensing of PORCs, which are small reinsurance companies that are beneficially owned by the producers/owners of the business/risk that is reinsured. As at June 30th, 2018, the FSC was responsible for the licensing and supervision of 7,504 PORCs (see Vulnerabilities b. above). PORCs are general insurance businesses, which are not covered under the FATF Standards, However, TCI has classified PORCs as financial institutions and have brought them under the country’s AML/CFT regulatory regime as a means to proactively manage any potential risk. As financial institutions, PORCs are required to meet all relevant requirements of the Insurance Ordinance, the Companies Ordinance (including beneficial ownership requirements) and the Financial Services Commission Ordinance. PORCs are subjected to a licensing regime by the FSC that includes the submission of information on shareholders/directors, AML/CFT management strategy, copies of the reinsurance agreement and custodial/trust agreement. Also, annual financial reports and annual compliance statements are required. PORCs are also required to operate under an AML/CFT risk management plan/strategy approved by the FSC. Some focus was placed on the steps taken by the FSC to mitigate the risk of PORCs being used for ML/TF and being otherwise abused by criminals when forming these companies, however the FSC has not fully assessed the risks associated with the captive insurance companies and PORCs but indicated plans to do so.
18 The TCI National ML/TF Risk Assessment, August 2017, p.11.
Mutual Evaluation Report of the Turks and Caicos Islands
│ 25
Structural Elements
61. There are structural elements in place for an effective AML/CFT system. The TCI is politically stable and has demonstrated a high-level commitment in addressing ML/TF issues. The rule of law is effective, and the Judiciary is capable and independent. The AML/CFT supervisory regime is in need of further enhancement to ensure that FIs and DNFBPs implement robust risk based mitigating measures to effectively address ML/TF risks.
Background and Other Contextual Factors
62. In 2017, the TCI was severely affected by both Hurricanes Irma and Maria, and the country has been recovering from the consequences of both natural disasters.
1.1.3. AML/CFT strategy 63. The Anti-Money Laundering Committee (AMLC) established by POCO, is chaired by the Honourable Attorney General (AG). It is the AML/CFT policy making body that spearheaded the conduct of the NRA and prepared the National Strategy and the National AML/CFT Action Plan (the National Action Plan). The National Strategy, approved by the Cabinet on May 9th, 2018 and published on July 16th, 2018 via press release, details 10 strategic objectives which aims to improve the country’s AML/CFT system. The Strategy is operationalized through the National Action Plan, which was shared with the respective government authorities in March 2018 by the AMLC.
1.1.4. Legal & institutional framework 64. The main laws relevant to TCI’s AML/CFT/CPF system are the following: • Proceeds of Crime Ordinance Cap.03.15 (POCO): establishes ML/TF as criminal offences and establishes a legal framework for confiscation and other provisional measures; • Anti-Money Laundering and Prevention of Terrorist Financing Regulations 2010 (AMLR): provides the legal basis for financial sector and DNFBPs regulation and supervision. It also sets out the basic AML/CFT obligations for FIs and DNFBPs. • Anti-Money Laundering and Prevention of Terrorist Financing Code 2011 (AML/PTF Code): outlines in greater detail the obligations of financial businesses (FIs and DNFBPs) and provides guidance to achieve compliance with these obligations; • The Prevention of Terrorism Ordinance, Cap 3.21 (POTO): provides for the implementation of the United Nations International Convention for the Suppression of the Financing of Terrorism, creates terrorism and TF offences and provides and provides appropriate measures to deal with those offences. • Companies Ordinance 2017 (CO 2017): Part IX makes provision for beneficial owners of companies and provides for the establishment of beneficial ownership (BO) registers; • Financial Intelligence Agency Ordinance Cap. 3.20 (FIAO): establishes the FIA as an independent agency to receive reports of suspicious transactions from FIs and other persons; to gather, store, analyse and disseminate information to law enforcement authorities and relevant bodies; and
Mutual Evaluation Report of the Turks and Caicos Islands
26 │
• Financial Services Commission Ordinance Cap.16.01 (FSCO): provides powers to the financial sector regulator to penalise FIs for breaches of the regulatory ordinances and AML/CFT legislation. 65. Section 115 of the POCO established the AMLC19 which comprises the following competent authorities: • The Attorney General’s Chambers (AGC): The AG is appointed by the Governor in accordance with (s.91) of the Constitution, 2011. S.41 of the Constitution states that the AG ‘shall be the Legal Adviser to the Government and the House of Assembly’. The AG leads national coordination efforts for ML/TF/PF prevention and is also responsible for the processing and handling of Mutual Legal Assistance (MLA) matters and applicable conventions. External requests and orders are also processed by the AGC. The AG is also the civil recovery authority. • Financial Services Commission (FSC): who is the supervisory authority for regulated FIs and most DNFBPs and its mandate is to monitor compliance by licensees with all ML/TF laws, codes and guidance. The FSC is also the designated supervisor for the NPO sector. • Financial Intelligence Agency (FIA): which plays a central role in the AML/CFT regime and serves as the national centralised agency that is responsible for the receipt, analysis and dissemination of SARs from FIs and DNFBPs. • Royal Turks and Caicos Islands Police Force (RTCIPF): whose mandate is to provide internal security by preventing and detecting crime, protection of life and property and maintaining the peace. The Financial Crimes Unit (FCU) which is a specialised department within the RTCIPF is tasked with conducting ML/TF investigations, and the identification, tracing of assets that can be frozen or restraint and later subject to confiscation and non-conviction-based confiscation. The FCU and to a larger extent the RTCIPF work in close collaboration with the office of the Director of Public Prosecutions. • The Office of the Director of Public Prosecutions (ODPP): constitutionally responsible to undertake all criminal proceedings, including the prosecution of ML/TF offences within the TCI. The ODPP is empowered under Part II POCO to conduct criminal confiscation (post- conviction), which seeks to recover the financial benefit that a person has gained because of having committed a criminal offence. • Customs Department: responsible for preventing and interdicting illegal drugs, other prohibited and restricted goods, as well as undeclared cash and BNIs over the statutory threshold of USD 10,000 being brought into or leaving the TCI at the borders. 66. Other authorities that are directly involved in the administration of AML/CFT/CPF in the TCI: • Office of the Governor: The Governor is the Chairman of the Cabinet and the competent authority for designation of persons under the relevant UNSCRs and ensuring the Sanctions Orders and other relevant Orders as remitted by the Foreign and Commonwealth Office are published in the Gazette under his hand, upon the advice of the AGC.
19 The functions of the AMLC are specified in section 116 of POCO and include to advise the Governor in relation to the detection and prevention of ML, TF and the PF, and on the development of a national plan of action to include recommendations on effective mechanisms to enable the competent authorities in the Islands to coordinate with each other concerning the development and implementation of policies and activities to combat ML, TF and PF. The AMLC is responsible for co-ordinating the assessment of risks.
Mutual Evaluation Report of the Turks and Caicos Islands
│ 27
• The Judicial Administration Department: The Judicial Administration Department comprises the Supreme Court and the Magistracy and is headed by the Chief Justice. The High Court and Court of Appeal constitute the Supreme Court. The High Court has sittings in two islands in the TCI- these being in Grand Turk and Providenciales. As with most democracies, there is a separation of powers between the Judiciary, Executive and Legislature. In the TCI, the Chief Justice is the head of the Judiciary, or Judicial Administrative Department as it is called. The Chief Magistrate is the Competent Authority for all Mutual Legal Assistance matters between the TCI and the USA. • The Integrity Commission (IC): The IC is an independent body which was established by the Integrity Commission Ordinance 2008 (ICO) and is tasked with the responsibility of identifying and investigating allegations and complaints of corruption involving public officials. • Gaming Inspectorate: The supervisory authority for the gaming industry.
1.1.5. Financial sector and DNFBPs 67. The FIs in TCI consist of banks, trust companies, money services businesses, insurance companies, CSPs, investment companies and mutual funds administrators. Because of the scale of their contribution to the TCI economy, trust businesses and CSPs are treated as FIs and are required to meet similar AML/CFT requirements. The type, number and importance weight of FIs in the TCI are as follows20: Table 1.2. Type, number and Importance Weight of FIs in the TCI
Type Number Risk & Importance Weighting
1. Banks 7 Most Significant 2. Corporate Service Providers 36 Most Significant 3. Money Services Businesses 3 Most Significant 4. Producer Owned Reinsurance 7,504 Most Significant Companies (PORCS)21 6. Trust Companies 9 Significant 7. Life Insurance Companies 5 Less Significant 8. (domestic) 9. Captive Insurance Companies 69 Less Significant 10. Investment Companies 7 Less Significant 11. Mutual Funds Administrators 11 Less Significant
68. The banking sector as at June 30th, 2018 had a combined asset base of USD 2.26 billion, however the TCI does not have information on the percentage of assets held offshore or onshore. There are 6 banks which hold both national and overseas banking licences and 1 bank which holds only an overseas license. Three (3) of the six (6) banks holding both licences are commercial banks which are foreign subsidiaries of Canadian banks. The remaining banks are private, non-
20 TCI did not provide information regarding the size of the financial system in the TCI as a percentage to its GDP.
21 PORCs are general insurance businesses and have been classified as financial institutions in the TCI. PORCs have also been brought under the AML/CFT regulatory regime of the jurisdiction.
Mutual Evaluation Report of the Turks and Caicos Islands
28 │
commercial banks. which cater to high net worth clients. The assets held in management by the 9 trust companies in the TCI amount to USD 848.1 million (as at June 30th, 2018). Securities held by investment companies and mutual funds administrators account for 279.3% sector assets as a percentage of GDP. 69. Insurance business in the TCI is categorised into domestic insurance and international insurance. Schedule 2 of the TCI AML Regulations states that general insurance business is excluded from AML Regulations. General insurance dominated the domestic insurance market with 14 registered insurers and 93% of insurance premiums in 2016. Life insurance business in the TCI is extremely small with an average of USD 2.5 million in premiums collected annually contribute 1.4% sector assets as a percentage of GDP. There is no data available on the assets of PORCs (see paragraph 60 above) and captive insurance companies, both components of international insurance, or their contribution to the country’s GDP. 70. Regarding DNFBPs, the legal and real estate sectors weighed most significant for risk and importance on account of the role they play in a range of activities including property purchases and sales, company formations, property management and the handling and managing of client funds. TCI recognise the risks in these sectors and has rated them as medium-high for ML in the NRA given their susceptibility to abuse for serious predicate crimes. Based on the NRA, the legal sector is susceptible to ML and there have been previous instances of charges against lawyers in TCI for corruption and ML-related offences. Further, based on typologies conducted by the FIA, some lawyers are suspected to be engaged in other criminal conduct such as holding funds for international criminal clients, and intentionally commingling their clients’ funds to disguise their source and owners. Firms within the real estate sector have been instrumental in facilitating the acquisition of property in the TCI by international and domestic criminals and have failed to implement key AML/CFT controls, such as conducting CDD and establishing AML/CFT policies, necessary to mitigating their risks. High-dollar property sales to high net worth international clients dominate the real estate market, but the sector lacks adequate understanding of its sources of risks and have not been conducting comprehensive risk assessments covering key risk factors such as customers, geographic regions, etc. 71. There are 43 law firms and 144 legal professionals operating in the Legal Sector. The majority of law firms in TCI operate with fewer than 5 employees, with the top 5 largest firms each having 25, 20, 13, 10, and 9 employees respectively. Approximately 66% of the firms operating in the legal sector provide services that fall within the FATF Standards, with a similar percentage providing services relating to property sales and purchases. At least 8 firms provide property conveyancing services as their main businesses. In terms of real estate, the sector also provides consultancy services in real estate, real estate development, and property management. Other services provided by the sector include wills and probate, trust services, company formation, corporate/commercial transaction, family law, and litigation. With respect to trust businesses and company formations, law firms frequently perform these services as a part of a one-stop facility under common ownership and business premises with CSPs and trust companies. 72. The gaming sector (except for Casinos, which are less significant since the 1 operable casino has fairly reasonable measures in place to mitigate its ML/TF risks and accounts for only 7% of yearly gaming sector revenue), particularly the operations of gaming machines, also weighed most significant for risk and materiality owing to their potential to being used to launder illicit funds, and the gaps that exist in the due diligence process for owners and operators. 73. Gaming machines account for over 90% of TCI’s annual USD 4 million gaming sector revenue, which aids in raising their materiality and risk profile, particularly within the context that the sector was not regulated for AML/CFT purposes and revenue auditing process needs improvement. Other vulnerability factors include the fact gaming venues operate on cash basis
Mutual Evaluation Report of the Turks and Caicos Islands
│ 29
or deploy cashless gaming monitored by computerised accounting for which the Gaming Inspectorate is not technologically equipped to monitor. As well, AML/CFT supervision of the sector is very new and had not commenced at the time of the onsite. 74. The accounting and microfinance sectors have significant risks and importance. Lack of information and knowledge by the FSC on the extent to which the accounting sector is engaging in services that make them susceptible to ML is a serious gap in the regime for the sector, especially considering that it has not been subjected to AML/CFT supervision. Lack of AML/CFT monitoring of the microfinance sector also poses a significant risk as do the sector’s unregulated lending practices and FSC’s seemingly limited awareness of these practices. 75. The High Value Dealer sector consists of 32 car dealers and 4 jewellers. Based on TCI’s statutory definition of high value dealers to include a business dealing in vehicles where the transaction value is at least USD 15,000, only 3 car dealers satisfy this criterion. For these dealers, the majority of vehicles in inventory are new with values at or above USD 15,000, with the average cost for a new vehicle being USD 36,000. The remaining 29 car dealers supply used vehicles to the market with prices ranging between USD 8,000 and USD 13,000. Statistics on average inventory, sale price and number of imports was not available as there is uneven information available on the car dealer sector as whole. Countries from which dealers imported vehicles include the USA, Mexico, and Japan, which accounted for the largest share of used car imports. 76. Jewellers and car dealers have less significant ML risk and importance given their size and materiality to the TCI’s economy. While risks exist in the car dealers and jeweller sectors, including the lack of adequate oversight by the FSC and weak AML/CFT controls, the extent of their impact on the TCI’s economy is less significant when compared to the other DNFBP categories. Table 1.3 (a). Type and Importance Weight of DNFBPs in TCI
Type Risk & Importance Weighting 1. Legal Profession Most Significant 2. Real Estate Most Significant 3. Gaming Sector (Slot machines and Most Significant Gaming Parlours) 4. Accountants Significant 5. Microfinance Lenders22 Significant 6. Car dealers Less Significant 7. Gaming Sector (Casinos)23 Less Significant 8. Jewellers Less Significant 9. E-Gaming Less Significant
22 TCI considers the micro-finance sector as a DNFBP and not an FI.
23 One of the casinos is currently not in operation, but still holds a gaming license from the Gaming Inspectorate.
Mutual Evaluation Report of the Turks and Caicos Islands
30 │
Table 1.3 (b). DNFBPs Sector Breakdown by Type, Customer and AML/CFT Supervisor in TCI
DNFBP Sector # of Registered / Registration Customer Base Licensed Business / AML/CFT Domestic (%) International Supervisor %) Total Independent Law Firms Not available Not available 43 Legal Profession 43 Lawyers - 14424 Accountants Bookkeepers 6 Not available Not available Small business 12 accountants 23 Professional 5 Accountants Not available Not available 27 27 Real Estate Firms FSC 123 Agents 123 Auto Dealers 32 Not available Not available High Value Jewellers Not available Not available 36 Dealers 4
Microfinance 4 4 Not available Not available Firms for the sector Casino 2* 40% 60% Gaming 80% 20% Slot Machines 60 Gaming 7225 Inspectorate Gaming 80% 20% 10 Parlours Total DNFBP Licensees 201
1.1.6. Preventive measures 77. The main legal basis of AML/CFT obligations for the FIs and DNFBPs and enforceable instruments through which they are applied, are the POCO, AMLR, AML/PTF Code, POTO and FIAO. 78. The preventive measures mentioned in the paragraph above apply to all FIs and DNFBPs. The newly enacted Gaming Control Ordinance also includes preventive measures for the gaming industry. These measures address to some extent the FATF Recommendations on preventive measures, including measures for CDD, record keeping, internal controls, reporting of suspicious transactions, etc. For casinos and gaming facilities, the Gaming Control Ordinance (GCO) is the primary AML/CFT law, but only part VI of the Ordinance relating to ML is in effect. The other regulations in the Ordinance, including the provisions on sanction and enforcement powers are not in force.
24 The FSC does not register individual lawyers unless they are sole practitioners. Registration is of the law firms.
25 While there are currently 72 gaming licenses, there is a total of 678 gaming devices currently in TCI.
Mutual Evaluation Report of the Turks and Caicos Islands
│ 31
1.1.7. Legal persons and arrangements 79. Legal persons that may be formed in TCI are companies and partnerships. With effect from February 1st, 2018, the law governing the incorporation and administration of companies is the CO 2017 and pursuant to s.309, repealed the Companies Ordinance Cap 16:08 and the Protected Cells Companies Ordinance 16:09. Currently, there is a transition period for companies that were formed and administered under the repealed Ordinances to be registered under the new legislation (see Chapter 7 – IO.5). 80. The CO 2017 provides for the incorporation of domestic companies, international companies, non-profit companies and protected cell companies and once the transition period expires, all companies would be automatically registered under the new Ordinance. The numbers and description of the different types of legal persons are elaborated under Chapter 7 - IO.5 (see Tables 7.1 and 7.2).
Table 1.4. Types of Companies-Comparison between the Companies Ordinances
Companies Ordinance (Cap Protected Cells Companies 16:08) Ordinance (Cap Ordinance 2017 16:09) Non-Exempted (Ordinary) Protected Cell Domestic
Exempted - International
Protected Cell - Protected Cell
Non-Profit - Non-profit
Limited Life
81. At the time of the assessment, the majority of companies registered in the TCI are exempted/international companies, the majority of which are PORCs which also constitute the majority of insurance companies in the TCI. PORCs conduct business mainly outside of the TCI and are not subject to the same oversight as other companies created within the TCI. Exempted/international companies are allowed to have the register of members at an office outside of the TCI, but a copy is kept at the registered office. However, under the CO 2017, all companies including exempt/international companies are required to maintain and file details of their members with the FSC. The CO 2017 provides for the FSC to manage a Beneficial Ownership Register which, though not open to the public, is accessible to LEAs. 82. The Limited Partnership Ordinance Cap 16:15 (LPO) allows for registration of Limited Partnerships. Partnerships whose principal activities are conducted outside the islands may be registered under the LPO as exempted partnerships. There is no registration of Ordinary Partnerships under the LPO 83. Trusts can be created by common law or the Trust Ordinance 2016. However, Trusts under the Ordinance must be established by a professional trustee which is registered and licenced by the FSC pursuant to the Trust Companies (Licensing and Supervision) Ordinance 2016. PTs for the purpose of AML/CFT supervision are deemed a financial business and therefore subject to the AML/CFT laws (including the AMLR and AML/PTF Code), hence, are required to inter alia
Mutual Evaluation Report of the Turks and Caicos Islands
32 │
conduct CDD and ascertain the beneficiaries, trustees, settlors, protectors and any other natural person ultimately controlling the trust. On the other hand, the obligations of non-professional trustees only arise from the common law in which case they must have full knowledge of all trust documents, maintain identification information on the settlors and beneficiaries, act in the interest of the beneficiaries and only distribute assets to the right persons.
1.1.8. Supervisory arrangements 84. The FSC is the competent authority for the licensing, regulation and supervision of all FIs and DNFBPs except for casinos and other gaming facilities, which are licensed by the Gaming Inspectorate within the Ministry of Tourism, Environment, Heritage, Culture and Gaming. Core principles FIs - banks, securities businesses and insurance companies - are required to be licensed under respective ordinances governing their operations. MSBs are subjected to a similar regime. The FSC has chosen to subject trust businesses and CSPs to a licensing regime on account of their significance to the successes of the international financial sector in the TCI. 85. DNFBPs are not subjected to any risked based AML/CFT supervision or monitoring at an adequate level. Casinos and other gaming facilities have not been supervised for AML/CFT purposes. Although the National Strategy includes provisions to aid in remedying these deficiencies, at the time of the on-site, the authorities were yet to formulate, formalise and implement measures to undertake AML/CFT supervision of the DNFBP sector.
1.1.9. International cooperation 86. The competent authorities for MLA and extradition are the Chief Magistrate, the AG, the Director of the Exchange of Information Unit (EOIU) and the Governor respectively. The functions of these competent authorities are further explained in Chapter 8 - IO.2. 87. TCI engages in international cooperation through a wide range of international, regional and bilateral treaties, conventions and arrangements including MOUs. The Vienna and Palermo Conventions have been extended to the TCI. Additionally, some aspects of the Merida Convention and the TF Convention relevant to AML/CFT have been implemented through domestic legislation. 88. The MLA legal framework to facilitate cooperation and exchange of information with foreign counterparts include the POCO, Mutual Legal Assistance (USA) Ordinance, the Criminal Justice (International Cooperation) Ordinance, the Evidence (Proceedings in Other Jurisdictions) (Turks and Caicos Islands) Order and the Tax Information (Exchange and Mutual Administrative Assistance) Ordinance. These instruments facilitate the exchange of information, including tax and BO information, the service of documents and the registering of orders and examination of witnesses. MLA enabled the jurisdiction to assist in a number of suspected criminal offences relating to ML, fraud offences, tax evasion, bribes, arms trafficking, extortion and aggravated swindling. 89. There is no legal restriction which prevents the jurisdiction from extraditing its nationals. ML and TF are extraditable offences which are permissible pursuant to the UK Extradition Act (2003) which is extended to the TCI in the Extradition Act 2003 (Overseas Territories) Order 2016. 90. TCI has entered into bilateral and multilateral agreements (e.g. tier-A bilateral agreement with 20 jurisdictions for the purpose of sharing tax information). The AGC and the LEAs have made and received requests for assistance from other jurisdictions (including foreign counterparts), however, few requests have been made by TCI for assistance with ML/TF matters. Most of the international information requests from overseas LEAs emanate from North America
Mutual Evaluation Report of the Turks and Caicos Islands
│ 33
due to its proximity to the TCI. Both the FCU and Customs Department engage in counter narcotics activities in cooperation with the USA under Operation Bahamas, TCI (OPBAT) where US law enforcement agencies integrate with RTCIPF to gather intelligence, conduct investigations, and execute interdictions. 91. The FIA has signed several MOUs with foreign FIUs and is very active in exchanging information related to ML and related predicate offences via the Egmont Secure Web (ESW). They have also shared information both upon request and spontaneously. The FCU has an MOU with other BOTs and shares information with other law enforcement bodies including the International Criminal Police Organization (INTERPOL) and the Federal Bureau of Investigation (FBI). As a member of ARIN-CARIB, the TCI can also informally share information with other members. Also, the FSC has signed MOUs with Panama, Cayman Islands, Jamaica, Canada, The Bahamas, Barbados and Georgia.
Mutual Evaluation Report of the Turks and Caicos Islands
34 │
2. NATIONAL AML/CFT POLICIES AND COORDINATION
Key Findings and Recommended Actions
Key Findings
a) TCI has a fair understanding of its ML risks based on the country’s recently completed NRA. The NRA included broad stakeholder participation and helped the authorities to focus collectively on national ML risks and on measures to mitigate and prevent them. TCI does not have an adequate understanding of its TF risk as the assessment did not include analysis of relevant information and data such as the level of outgoing cash, attempted transactions and the flow through of funds in TCI as an IFC. b) Identification and assessment of ML/TF risks in the NRA were based mostly on generally perceived risks, assumptions, and were often not supported by complete and objective analysis, and information and data from LEAs, supervisors and other competent authorities. Understanding of ML/TF risks in legal persons, international and domestic predicate crimes deemed high risk for TCI, and the extent of illicit cross-border flows were limited due to inadequate analysis in the assessment. c) TCI did not assess the risks associated with microfinance business, PORCs and captive insurance businesses, although the latter two account for the majority of exempt companies licensed in the TCI, operate outside the jurisdiction, and are not subjected to AML/CFT supervision by the FSC. d) The TCI has developed a National AML/CFT Strategy and a National AML/CFT Action Plan (NAP) for 2018-2019, both of which are informed by the ML/TF risks identified in the NRA. Other policies, such as the ODPP’s policies relating to investigating and prosecuting ML have been developed as a result of the NRA in the months prior to the onsite. e) The National Strategy did not include any national priorities to deal with the international predicate offences - such as human smuggling, wire fraud, etc.- that pose the most significant threat to TCI’s domestic system. f) While the Customs Department, Border Control and Gaming Inspectorate were generally aware of the results of the NRA, at the time of the onsite, they were not familiar with key ML/TF risks-mitigating responsibilities assigned to them under the National Strategy and the NAP. g) Except in the case of a sector assessed as low risk, exempted CDD measures permitted under TCI laws are not justified by any findings of low ML/TF risk and are allowed for customers that (such as banks, CSPs, MSBs) are rated medium-high and medium risk for ML. Also, the application of these measures to customers in the PORCs and captive insurance sectors are not supported by a proper finding of low ML/TF risks in these sectors. h) The objectives and activities of the authorities are informed by the National Strategy. For most of the review period, there were no AML/CFT policies or strategies that guided the authorities’ work. The allocation of resources and implementation of measures, pursuant to the National Strategy and NAP, to address identified ML/TF risks in the NRA are not risk-based. i) National coordination and cooperation among the relevant agencies on the development and implementation of AML/CFT measures and activities have improved, especially in relation to the conduct of the NRA and the preparation and implementation of the National Strategy and NAP. There
Mutual Evaluation Report of the Turks and Caicos Islands
│ 35
is however limited evidence demonstrating that adequate levels of coordination and cooperation existed between the authorities over the entire review period. j) The private sector, including FIs and DNFBPs, participated in the NRA and is therefore aware of its results. Prior to the NRA however, TCI had not conducted any other national assessment of ML/TF risk that was shared with the private sector or published for its benefit.
Recommended Actions
a) In relation to risks, TCI should undertake the following:
i. take steps to properly understand the ML/TF risks posed by domestic and international predicate crimes, and in the case of the latter, ascertain the extent of the associated cross-border illicit flows of funds in and out of the country. ii. revise its desk-based review of the NPO sector to include an assessment of the sector’s vulnerabilities to TF, and ensure that the process includes adequate and comprehensive inputs from current dialogue with the sector and is supported by a wide range of credible, accurate, updated and relevant information and data. iii. assess the TF risks inherent in TCI as an IFC, taking into consideration the fact that TCI as an IFC receives funds from all over the world and examine the flow throughs, service provisions to parties that support terrorism and the use of complex structures to disguise the underlying beneficial owners who may be involved in terrorism. iv. take steps to better understand its sectoral risks through analysis adapted to domestic circumstances and supported by supervisory, regulatory and LEA data and information. v. conduct a comprehensive review of exempt companies, including PORCs and captive insurers, formed in TCI to understand the ML/TF risks they pose to the jurisdiction, and to identify and implement appropriately tailored risk mitigation and prevention measures.
b) TCI should take steps to ensure that all the relevant competent authorities are aware of their respective ML/TF risk-mitigating responsibilities in the National Strategy and the NAP to encourage the whole of government implementation of these measures. c) Efforts by national authorities, pursuant to the National Strategy and National Action Plan, should be prioritised based on the most significant ML/TF risks for the country. d) The TCI should review exempted CDD measures embodied within the AMLR to ensure that they are supported by findings of proven low risk, not applicable in high risk situations and not permitted for customers in the PORCs and captive insurers sectors until the ML/TF risks associated with them are properly identified, assessed and mitigated.
92. The relevant Immediate Outcome considered and assessed in this chapter is IO.1. The Recommendations relevant for the assessment of effectiveness under this section are R.1, 2, 33 and 34.
Immediate Outcome 1 (Risk, Policy and Coordination)
2.1.1. Country’s understanding of its ML/TF risks 93. TCI’s understanding of its ML/TF risks is based on their recently concluded NRA which was completed and approved by Cabinet in 2017. The NRA represents the first time the TCI has conducted a formal assessment of its ML/TF risks that included broad stakeholder participation. The process motivated collective thinking across key agencies and sectors about national ML/TF
Mutual Evaluation Report of the Turks and Caicos Islands
36 │
risks. A review of the NRA and discussions with private and public sector stakeholders revealed that the NRA could have benefited from the use of critical data and information; more comprehensive supporting analysis; the inclusion of other key areas and examination of their risks; and greater inputs by other relevant public and private sector stakeholders. 94. Conducted under the leadership of the AG, Chair of the AMLC, the NRA was a consultative approach that involved the participation, albeit at varying levels, of various private and public sector stakeholders. These stakeholders included the AG, FSC, FIA, DPP, RTCIPF, Gaming Inspectorate, Customs Department and several other government ministries, as well as representatives from the various FIs and DNFBPs, including the banking, securities, and insurance sectors. 95. The World Bank (WB) Methodology used to conduct the NRA included five separate modules for assessing sectoral risks in the FI and DNFBP sectors: (1) banking; (2) insurance; (3) securities; (4) DNFPB (which allows for each category of DNFPB to be assessed); and (5) ‘Other Financial Institutions’, for FIs not covered by the rest of the Methodology. Each of the sector modules also included a separate assessment methodology for assessing inherent risks associated with the products, services or activities in those sectors. The only FI assessed for ML/TF risks under the ‘Other Financial Institutions’ module was MSBs, notwithstanding indication by the country that the financial sector included financial leasing and microfinance businesses as well. The Methodology also included 3 modules for assessing national ML threat, national ML vulnerability and TF. 96. TCI understands its ML risks to a fair degree and adopts the approach to automatically designate as high-risk, most of the areas generally perceived as such, for example, drug trafficking, PEPs, MSBs and CSPs. Similarly, the country identified international predicate crimes, such as tax evasion, tax fraud, health care fraud and wire fraud and the resulting funds flowing through or remaining in the country as threats posing the most significant risks for the jurisdiction. TCI developed an understanding of these risks through analysis of data on requests for international assistance processed and maintained by the AGC and the FIA. The impacts of these risks on the domestic system were however not explored, although the country has indicated plans to do so. The NRA also recognised several vulnerabilities in TCI’s AML/CFT framework, such as gaps in the regulatory and supervisory regime for FIs and DNFBPs; the ML/TF risk awareness across the system; the data collection framework; and the STR filings by FIs and DNFBPs. TCI’s status as an IFC was also acknowledged by the country as a vulnerability. 97. In some respects, understanding of ML/TF risks in the NRA is based on general perceptions and assumptions about risks affecting particular sectors, including for example the gaming, real estate, MSB, investment, and legal sectors. This approach to identification of risks were at times balanced with anecdotal evidence, knowledge on sector operations and limited information/data from relevant authorities such as STRs filed with the FIA. Risk appreciation in the NRA could benefit nonetheless from more comprehensive analyses derived from the examination of domestic typologies and trends, information and data from LEAs, supervisors and other competent authorities and the private sector in order to facilitate deeper analysis on key risk factors. For example, information on the levels of cash movements in and out of the country from the Customs Department and other relevant sources; data on funds flow-throughs via wire transfers; and complete records on ML/TF confiscations would have assisted the country in formulating adequate understanding on the amount and frequency of illicit cross-border flows associated with the aforementioned international predicate crimes.
Mutual Evaluation Report of the Turks and Caicos Islands
│ 37
98. Similar deficiencies to those mentioned above were also found in the analyses of sectoral risks, whereby ML risks in sectors such as MSBs, investment and trust businesses were mostly examined in terms of their generally perceived risks and on general statements about their vulnerabilities on consequence of their operations in an IFC. TCI has a better understanding of the ML risks in the CSP and banking sectors, likely because these sectors have been subjected to more supervisory scrutiny than the other sectors, albeit at insufficient levels. Still, the authorities were unable to specify the banking products/services that attracted the most significant ML risks, despite confirming that it had assessed 8 such products/services, including, among others, private banking, retail deposits, negotiable instruments and wire transfers. 99. CSPs have been subjected to more frequent AML/CFT supervision and examination than any other FSC-regulated entity. The information and data from such supervision helped informed the understanding of risks within the sector. However, the extent of the sector’s susceptibility to ML risks appear to be greater than a medium high rating would suggest. Despite increased supervisory scrutiny, there is still low levels of AML/CFT compliance within the sector, particularly as it relates to client monitoring. Information from typology and legal requests for assistance showed CSPs in TCI being abused for illicit purposes on several occasions. The filing of STRs/SARs are low in the sector and the more than 10,000 TCI exempt companies that operate outside the jurisdiction (see paragraph 60), which are not subjected to AML/CFT supervision by the FSC, are formed by CSPs. 100. The assessment of ML risk in the legal sector was predicated on a typology report by the FIA and generally perceived risks and assumptions about the profession, including the specialised skill and knowledge of practitioners that makes them susceptible to being exploited for illicit purposes. For the real estate and gaming sectors, the identification and assessment of ML/TF risks were based on lack of supervision, generally perceived risks in the sectors, a limited-scope thematic report on the real estate sector and a report containing preliminary assessment of the regulatory regime for the gaming industry. Review of the real estate sector also included considerations of the risks posed by professionals, such as auctioneers and condominium developers, that provided real estate services without being registered by the FSC to do so. 101. Sectoral analysis in the NRA lacked meaningful and comprehensive examination of the products and services in the sectors, such as banking, investment, trusts, and other DNFBPs, that are vulnerable to ML, and therefore greatly impaired the development of accurate and complete understanding of sectoral ML/TF risks. 102. A main deficiency in the NRA is the lack of sufficient assessment of key domestic predicate crimes, exempt companies and trusts. Human trafficking, human smuggling, illegal immigration and fraud were not examined and assessed in the NRA, although several key agencies revealed during the on-site interviews that these crimes present major ML risks for the TCI. The assessors were informed by some competent authorities that the predicate offence of corruption also continues to be a threat for ML. A review and analysis of the NRA shows that corruption was referenced throughout several sections of the document but was not assessed and analysed in great detail. However, despite the risk of corruption not being assessed in any great details during the period under review, most competent authorities in the TCI have demonstrated that they do have some understanding of the risk of corruption based on previous occurrence that led to an assessment that was conducted by way of a Commission of Inquiry in 2008- 200926. The TCI as
26https://assets.publishing.service.gov.uk/government/uploads/system/uploads/attachment_data/file/268143/inquiry- report.pdf
Mutual Evaluation Report of the Turks and Caicos Islands
38 │
a result of the findings of the Commission of Inquiry27 began to treat corruption as a high-priority issue and this is evidence from enactment and amendment of several pieces of anti-corruption legislation, including procurement legislation, prosecution for corruption offences (see Chapter 3 – IO,7) and the establishment of investigatory and supervisory institutions, such as the Integrity Commission, to mitigate against the risk of corruption. 103. The TCI efforts to tackle corruption, despite not being addressed substantially in the NRA is evidenced through the ODPP instituted policy in August 2018 requiring that corruption-related matters be assigned to a specially designated prosecutor. The TCI authorities have also indicated to the assessment team that they have instituted a rigorous public education program, which including targeting children about the importance of tackling corruption. Nevertheless, the assessment team found that there is still a need to assess the current risk associated with corruption in more detail and ensure that the measures that are in place are sufficient to mitigate those risk. 104. There is limited understanding of the extent of the ML risk exposure presented by exempt companies, although they account for more than 65% of companies formed in TCI and a few have been abused for criminal purposes. Exempt companies operate internationally, and most are licensed by the FSC but are subjected to limited supervision. Over 75% of the exempt companies in TCI are international insurers. The majority of these are PORCs, with the remainder being captive insurers. Research has shown that captive insurance companies have come under increased scrutiny in particular as it relates to matters of taxation in the US and because of their risk for abuse. 105. PORCs are vehicles used to reinsure the risks of their beneficial owners (otherwise known as the introducers, producers or intermediaries) underwritten by insurance companies, which operate mainly in the USA. The TCI has not fully evaluated the risks associated with these types of companies but consider them to present a lower level of inherent ML/TF risks due to their limited product and service offering. The FSC has however recently included PORCs in their AML/CFT supervisory regime but recognises that more needs to be done to fully appreciate the ML risks in this sector. 106. The assessment team is of the view that the FSC should expend greater attention on the operations of PORCs. PORCs make up approximately 70% of the more than 10,000 exempt companies formed in the TCI. The large number of unknowns surrounding the business operations of PORCs also suggests that they may be exposed to risks not explored by the TCI. For example, there is some uncertainty of the extent of reinsurance transferred to the PORCs, and the arrangements that obtain where direct writer reinsures all the risk with PORCs, particularly as it relates to the collection of premiums, the settlement of claims and the custodial/trust agreement. 107. Assessment of TF as low risk is not adequately supported. This risk rating was applied on the basis that there were no TF-related prosecutions or STRs/SARs filed with the FIA, and that TCI has no links to terrorist groups or organisations or trade with countries with high terrorist threats. The rating was also based on TCI’s position that it is not close to any areas of conflict, notwithstanding that TF can occur in countries even when they are not near conflict zones. TCI
27 The Inquiry had three scopes (i) looking at possible corruption involving elected members and those who may been a party to such behaviour and recommend criminal investigation, (ii) whether there are systematic weaknesses in legislation, regulations or administration and (iii) whether they give rise to findings and/or recommendations to other related matters. At the completion of the Commission of Inquiry, a report was produced highlighting in the findings of the Commissioners. The findings include but were not limited to; systematic weaknesses in legislation, regulation and institutional framework. The Commissioners in their findings also made several recommendations, including criminal investigation, prosecution, strengthening institutional framework and legislative amendments.
Mutual Evaluation Report of the Turks and Caicos Islands
│ 39
has not detected any potential TF case though, and therefore has not investigated, prosecuted and convicted any person or entities for TF offences. In addition, no STRs have been filed on TF. However, the authorities have not undertaken a review to determine and validate the rationale for the lack of TF-related STRs/SARs, especially considering that FIs and DNFBPs have only recently been provided with guidance on TF and therefore might not have been adequately guided on how to identify TF-related activities and file associated STRs/SARs.. 108. Moreover, the TCI also did not factor into the assessment of TF the lack of data on out- going cash. At the time of the NRA, the Customs Department was not collecting declarations of outgoing cash and lack of this data represents a gap in the analysis of TF. Similarly, the assessment on TF did not consider the level of flow-through funds that TCI, as an IFC, receives from international sources. Attempted transaction, which is seldom reported by the jurisdiction, was also not examined, neither was use of complex structures to disguise BOs who may be involved in terrorism. 109. NPOs are in general particularly susceptible to being used for TF, but this vulnerability was not adequately examined in the NRA. While the NRA concluded that there is no evidence of NPOs in the TCI being used for terrorism, the basis for the finding was not demonstrated. The sector has since been subjected to a desk-based review that provided a starting point to understanding risks in the sector and its susceptibility to being exploited for TF purposes. However, the process raises concerns about whether the assessment was sufficient to help the authorities make accurate determinations about the sector’s vulnerabilities to TF. Based on the contents of the review, the assessors were challenged to conclude that the findings were reasonable and credible. 110. Using registration information and other documents received as part of that process, TCI indicated that it risk-rated NPOs based on 6 factors: activities, incorporated or unincorporated status, annual gross income, distribution of funds, country of beneficiary remittance and country of fund-raising. Of the 195 NPOs whose registration documents were reviewed, 4 were rated as high risk, 67 as medium risk, and 124 as low risk. 111. The basis for these findings, however, were not sufficiently clear. Sparse or no explanation was provided of the risk factors used to guide the review or of the information used to determine the extent to which NPOs were rated high or low for each risk category. The review did not provide any information on the regulatory and supervisory environment for NPOs or on the extent of their compliance operating within that framework. But for the frequency of the FSC’s review, the proposed risk-mitigating measures were effectively the same for all risk categories of NPOs. 112. The review was based solely on registration documents submitted by NPOs to the FSC. During the onsite, the FSC confirmed that some of the registration documents were not current and that some NPOs were not fully compliant with registration requirements. These issues suggested that there could be gaps in the accuracy of the analysis. Focusing the review on only registration documents meant as well that the analysis did not benefit from the consideration of relevant information from sources such as donor organisations, LEAs, STRs filed by banks on NPOs, if any, and consultation with the sector. Notably, the review did not include any inputs from current dialogue with the NPO sector. Engagement with the sector was particularly important however given that the FSC had not been conducting risk-based supervision of NPOs to determine their vulnerability to being misused for TF; had not conducted any onsite examination of the sector; had not provided any guidance or outreach to the sector regarding TF; and had not interacted on a meaningful level with the sector since the registration process in 2014. 113. While the review focused on identifying inherent risks, it did not include a clear assessment of the sector’s vulnerability to being exploited for TF. It is not likely however that such an
Mutual Evaluation Report of the Turks and Caicos Islands
40 │
assessment, had it occurred, would have been reasonable given the aforementioned gaps in the country’s understanding of its TF risks. 114. Overall, the NRA’s main strengths are broad agency participation, inputs from the private sector and the opportunities it provided for the agencies to think collectively about national ML/TF risks. However, the NRA identified that TCI was not able to develop a full grasp on all the predicate crimes being committed in the jurisdiction because of limited data and analysis from relevant LEAs. This gap suggests that the scope and nature of the ML/TF risks facing the country may not be completely understood. Another factor impacting the robustness of the NRA and impairing the jurisdiction’s ability to have a full appreciation of its ML/TF risks is the fact that critical data was either limited or fragmented. There is limited knowledge of the levels of cash movements in and out of the jurisdiction and flow throughs via wire transactions was not considered; no consolidated record of incoming requests for information across all competent authorities are maintained; there are incomplete records of ML/TF confiscations and assets seizures; low levels of STRs filing across all sectors; and lack of data regarding the regulation, supervision and monitoring of certain key FIs and DNFBPs.
2.1.2. National policies to address identified ML/TF risks 115. The National Strategy is used by the TCI as the main mechanism through which risks identified in NRA are addressed. It outlines ten high-level objectives and key risk-mitigating actions necessary for their accomplishment. These include, for example, key objectives to enhance the AML/CFT supervisory and regulatory framework for FIs and DNFBPs; close legislative gaps; improve ML/TF investigations and prosecutions; identify, investigate and prosecute all predicate crimes; and improve the existing framework for data collection. The National Strategy also highlights gaps in knowledge and awareness of ML/TF risks in the financial sector and in its supervisory framework, and articulate measures to build capacity, close these deficiencies and improve the AML/CFT system in general. 116. Key risk-mitigating actions identified in the NRA as well as others developed subsequently to the initiative are contained in the Strategy. These action points are further refined and operationalised by the National Action Plan (NAP) to address twelve sources of ML risk for the jurisdiction, namely: (1) more effective investigation and prosecution of ML and TF; (2) NPO regulations not fully in force; (3) insufficient coverage of onsite and off-site monitoring by the FSC of FIs and DNFBPs; (4) low suspicious activity reporting; (5) lack of supervision of DNFBP casino sector; (6) under development of AML processes by Customs Department; (7) under development of AML processes by Border Control and Immigration; (8) porous borders; (9) inadequate laws; (10) foster change in the approach by the private sector to the issue of de-risking; strategies must be detected and monitored for impact.; (11) not all applicable DNFBPs are registered and supervised; and (12) lack of full awareness among all stakeholders agencies of the TCI wide AML/CFT regime and ML/TF risks and the role each agency plays. 117. The NAP includes broad timelines for accomplishing various discrete actions necessary to address the overarching objectives of the National Strategy and is reviewed and updated as national authorities engage or complete any of the key actions. Identified in the NAP for instance is a 5-month timetable for the RTCIPF and ODPP to undertake various action, such as reviewing ML investigations and compiling statistics on same to improve ML investigation, prosecution and conviction and increase national understanding on the reason for the gaps in this area. Similar timetables with specified key actions are also included in the NAP for the FSC to develop a supervision coverage and for the FSC and FIA to address risks posed by low suspicious activity reporting through various outreach sessions, spanning an entire year, with the private sector.
Mutual Evaluation Report of the Turks and Caicos Islands
│ 41
118. Essentially, the NAP provides a specific roadmap of the measures to be completed by key authorities to address the ML/TF risks identified in the NRA and represented as high level objectives in the National Strategy. Neither the Strategy nor the NAP includes any ongoing guiding principles to direct the daily operations and processes of the authorities’ work, as a matter of course, with respect to risks identified in the NRA. 119. While the National Strategy is informed by the NRA, it however does not contain any national priorities for dealing with specific ML/TF threats, such as fraud, corruption and human trafficking, identified by the authorities during the on-site visit as high risks for the TCI. As well, international predicate crimes, such as health care fraud, tax evasion, and drug trafficking, were identified by the authorities as posing the greatest ML/TF threats to the TCI, but the National Strategy did not point to any specific national measures or priorities for collectively combatting and mitigating these risks. 120. Most authorities are generally aware of the National Strategy and its importance to addressing national ML/TF risks. However, not all authorities appear to be familiar with the National Strategy and key actions specifically assigned to them. Based on responses to specific questions on the Strategy during on-site interviews, it appeared that some of the authorities, such as the Gaming Inspectorate, did not have sight of the document beforehand and could not speak in an informed manner on implementation plans, including those in the NAP, for matters assigned to them. A similar gap was observed with the Customs and Border Control agencies. Further efforts to sensitise Departments or Agencies of their respective responsibilities under these key documents should be addressed by the AMLC. 121. Progress on the implementation of the objectives in the National Strategy and degree of effectiveness achieved will be monitored, with annual reporting by the AMLC to the Governor. A mechanism has already been set up for the agencies to make reports to the AMLC.
2.1.3. Exemptions, enhanced and simplified measures 122. The NRA is not being used by the TCI Authorities as a basis to justify exemptions from AML/CFT requirements or support the application of EDD or SDD. However, there are provisions in TCI’s AML/CFT laws that allow for the exemption of CDD under certain specified circumstances. Under Regulation 15 of AMLR, FIs and DNFBPs are not required to apply CDD prior to establishing a business relationship or carrying out an occasional transaction where reasonable grounds exist to believe that the customer is any of the following: (i) a regulated person; (ii) a foreign regulated person; (iii) a public authority in TCI; (iv) a body corporate with securities listed on a recognised stock exchange; (v) from a sector assessed as low risk in a NRA. The exemption also applies where a product is a life insurance contract with annual premiums that are no more than USD 500 or where a single premium of no more than USD 2000 is paid. 123. Except for category (v), exempted CDD under the other specified situations is not informed by a finding of low ML/TF risk or the country’s NRA but is rather based on expediency. Furthermore, some customers included in the regulated person category for which exempted CDD is permitted are fairly high risk for ML. Regulated persons include licensees in the banking, trust businesses, company management (CSPs), investment businesses, MSBs and insurance sectors. The first three of these sectors were rated medium-high risk for ML, while the investment and MSB sectors were rated medium. 124. Also, in TCI’s current risk context where sectoral assessments are based in large part on general perceptions and not supported by credible data and information provided by supervisors, LEAs, and other competent authorities; the authorisation of CDD exemption based on a low risk rating of a sector may not be reasonable. For example, PORCs and captives insurance businesses
Mutual Evaluation Report of the Turks and Caicos Islands
42 │
are rated as medium low risk (given that they make up the international insurance sector which is rated medium-low risk), operate outside of the jurisdiction, and have not been fully evaluated to ascertain the ML/TF risks they pose to the TCI. Notwithstanding these gaps in the understanding of ML/TF risks, FIs and DNFBPs are authorised under Regulation 15 of the AMLR to not apply CDD to customers from these sectors.
2.1.4. Objectives and activities of competent authorities 125. The objectives and activities of competent authorities are largely informed by the recently formulated National Strategy, which addresses the ML/TF risks identified in the NRA. Most authorities have therefore began undertaking measures to address these risks. For example, to address some of the gaps in the investigation, prosecution and conviction of ML, the RTCIPF, ODPP and Judiciary are working together to establish a common template for data collection and compiling existing data; and the Customs Department has incorporated new practices into its operations, such as the collection of statistics and a preliminary assessment of trade-based ML. The country also began to implement measures to address the limited information on the levels of cash movements in and out of the country from the Customs Department and other relevant sources. Specifically, the Customs Ordinance was amended in August 2018 to mandate declarations on outbound cash which exceeds USD 10,000, and the Customs Department commence capturing and sharing such declarations with the FIA since February 2018. 126. The AGC, FCU, FIA and ODPP in 2018 have started quarterly meetings with the Chief Magistrate to discuss issues regarding MLAT requests and the prosecution of underlying predicate offences and offences under POCO. At the time of the onsite, two meetings were held thus far. In addition, the ODPP formulated several policies relating to investigating and prosecuting ML and other serious crimes. These policies guide the daily operations of the ODPP’s processes and include procedures relating to confiscation in ML matters, assignment of financial and other serious crimes to specially-designated prosecutors, investigation and prosecution of ML, requirement reported offences that present a ML component be also referred to FCU for further investigations, and protocols for treating with formal and informal requests from international bodies. Given that these policies were established approximately four months prior to onsite interviews; the country, at the conclusion of the onsite interviews, was not able to demonstrate any tangible outcomes arising from the implementation of these policies. 127. Similar efforts to address identified deficiencies in the FSC’s AML/CFT supervisory and monitoring framework are underway. At the time of the onsite, the FSC had expanded its on-site coverage of regulated sectors, including high-risk ones; and partially completed 6 on-site examinations of entities within the CSP and banking sectors respectively (although at the time of the on-site, the reports were still in the drafting stage). The FSC also conducted a desk-based review of the NPO sector, commencing plans to increase its oversight and gain understanding of risks in the sector. A similar review was also done of the real estate sector. Limited training and increased dialogue with the sector in view of the risks identified in the review also commenced. 128. Under an aggressive legislative agenda, TCI also amended and passed more than 12 pieces of key legislation relevant to combatting ML/TF and other predicate offences, including the Proceeds of Crime Ordinance, the Anti-money Laundering Regulations, the Anti-money Laundering Codes, the Gaming Control Ordinance, the Terrorism Prevention Ordinance, the Financial Intelligence Ordinance, Customs Ordinance and NPO Regulations, among several others. 129. Resource constraints in the agencies have precluded significant progress on scheduled key risk-mitigating actions embodied in the National Strategy and reiterated in the NAP. Several measures scheduled for completion before the on-site were either not accomplished or initiated,
Mutual Evaluation Report of the Turks and Caicos Islands
│ 43
including for example, the establishment of a database for maintaining statistics on cash levels28; developing key indicators for predicate crimes and measures to improve border control; conducting a thematic review of the legal sector and several scheduled on-site examinations of the banks, trust businesses, CSPs, MSBs and insurance companies and expanding AML/CFT supervision to DNFBPs. 130. It is also not clear from the authorities’ activities that the risks identified in the NRA are being prioritised in accordance with those posing the greatest threat to the county; and the agencies were not able to provide any clarity in this respect. Neither the National Strategy nor the NAP includes any articulation of the ML/TF risks the TCI considers to be most significant and that would by necessity expend the most considerable national resources. Completion times for the majority of the action points were within the same time frame, which made it difficult to gain a full understanding of the priority order for matters. It was explained to the assessors that the NAP is prioritised because it demonstrates the country’s commitment to address the identified ML/TF risks. Given the authorities’ representations of resource limitations, focus could have first been given to allocating resources to the areas posing the most significant and immediate risks. 131. The authorities begun to implement the National Strategy in 2018. Given the short timeframe between implementation and the onsite interviews, an assessment of the extent to which the National Strategy informs the objectives and activities of the competent authorities is limited. Prior to the development of the National Strategy, there is no evidence that the objectives and activities of the authorities were informed by a similar instrument or established AML/CFT policies.
2.1.5. National coordination and cooperation 132. As noted above, the National Strategy is the principal document guiding national authorities’ activities in the prevention and mitigation of ML/TF risks. At the policy level, the AMLC is reasonably effective in coordinating TCI’s AML/CFT activities and is the mechanism through which the authorities’ implementation of the National Strategy is monitored and progress reports are made. The AMLC also coordinated the conduct of the NRA and the development of the National Strategy and the NAP. There is evidence that the AMLC members worked closely on the development of the NRA, but there weren’t appropriate levels of cooperation between them and some of the other relevant authorities in the development of these documents or on the development of AML/CFT policies and activities. Authorities such as the Gaming Inspectorate, Customs Department and Border Control were not able to demonstrate that they were fully aware of their responsibilities under both documents. 133. The AMLC however undertook efforts to have the Gaming Inspectorate more involved in national coordination of AML/CFT activities. In the months prior to the on-site interviews, the Gaming Inspectorate, though not a member of the AMLC, had been invited to and attended three meetings of the AMLC, but by that time the National Strategy and the National Action were already prepared and submitted to the TCI’s Cabinet for approval. 134. The Integrity Commission represented that it was not aware of the National Strategy, although it is key to the accomplishment of 3 of the objectives in the document, and the effective investigation of corruption (which falls under its remit) could be critical to the advancement of other objectives such as to improve ML/TF investigations and prosecutions.
28 TCI has indicated that this was completed after the on-site visit, and the Customs Department now maintains an up- to-date record on cash paid into Customs for customs related breaches.
Mutual Evaluation Report of the Turks and Caicos Islands
44 │
135. Members of the AMLC have signed an MOU that allows them to collaborate on AML/CFT matters at both the policy and operational levels. Given that the MOU was executed shortly before the onsite interview, the extent of the members’ cooperation and coordination through that avenue could not be ascertained at the time of the on-site visit. Operationally, the AGC, FCU, FIA and ODPP, in 2018 started quarterly meetings with the Chief Magistrate to discuss issues regarding MLA requests and the prosecution of underlying predicate offences and offences under POCO. Two meetings have been held so far. 136. LEAs including the RTCIPF, Customs and FIA, have entered into MOUs that allow for the exchange of information to support the investigation and prosecution of ML, associated predicate offences and TF. At the time of the onsite, similar MOUs with the FIA, supervisors and other competent authorities were not in place for the Gaming Inspectorate.29 Though the authorities have not had the opportunity to collaborate on AML/CFT matters under these arrangements given their relative newness, the Customs, FIA and the ODPP have collaborated informally. For example, Customs and RTCIPF have worked on drug interdiction matters together and are able to do so pursuant to s.9 Customs Ordinance; the FIA collaborated with the AGC and Customs in relation to a SAR on sequential USD 100 bills, which are suspected to be undeclared funds deposited into a bank account by foreign nationals. Customs and the FIA are working together in respect of monitoring cross-border cash declarations. There are also joint task force meetings between Customs, Border Control and the RTCIPF, although this appears to be done on an ad hoc basis rather than regularly scheduled meetings for addressing AML/CFT related matters. 137. Notwithstanding that the authorities currently cooperate and coordinate on the development and implementation of the AML/CFT policies and activities, these efforts were not consistently undertaken over the period under review.
2.1.6. Private sector’s awareness of risks 138. The NRA included the participation of the private sector at various workshops, some of which included fact finding and dialogue on national and sectoral ML/TF risks. Some private sector participants, such as representatives from big accounting firms, even contributed to the drafting of the relevant analysis in the NRA report. Most onsite interviewees had knowledge of the NRA but were not always aware of the identified risks in the document facing their sectors. This gap could, in part, be attributed to the fact that the interviewed representatives were sometimes different from those that participated in the NRA on behalf of their sectors, and therefore were at times challenged to show awareness of the specific ML/TF risks identified in the NRA that affected their sectors. Still, the private sector could benefit from greater sensitisation of the relevant result on risk in the NRA, which the authorities have begun to address with outreach sessions. 139. While the level of awareness of the NRA results among the private sector constituents was mixed, with the high value dealers demonstrating limited to no awareness, the full NRA report was made available to the public via an October 24th, 2017 Press Release and through publications on the FSC’s, FIA’s, Customs’, RTCIPF’s and the AGC’s websites. The FSC also issued specific communication via email on the result of the NRA to FIs and DNFBPs and held sessions to sensitise them on the NRA findings. The findings of the NRA were also shared at a seminar to which DNFBPs and FIs were invited. 140. Other than the NRA, the assessors were not made aware of any other national assessment of ML/TF risks conducted by TCI. A typology by the FIA included analysis demonstrating that
29 Subsequent to the on-site visit, the Gaming Inspectorate has signed an MOU with the FIA and Ministry of Border.
Mutual Evaluation Report of the Turks and Caicos Islands
│ 45
several sectors - e.g. banking, CSPs, lawyers and real estate - were exposed to ML/TF risks, but there is no indication that the document was published or shared with the private sector. Further, there was no demonstration by the authorities that any other instruments on risks have been published for the benefit of the private sector.
Overall conclusions on IO.1 141. TCI has achieved a moderate level of effectiveness for IO.1.
Mutual Evaluation Report of the Turks and Caicos Islands
46 │
3. LEGAL SYSTEM AND OPERATIONAL ISSUES
Key Findings and Recommended Actions
Key Findings Use of financial intelligence (Immediate Outcome 6)
a) The FIA has demonstrated that it is accessing and utilising financial intelligence and relevant information held with the various competent authorities and private sector officials to conduct its functions, including operational analysis. The FCU which is charged with the investigations of ML activities and identification of assets for confiscation and other competent authorities have also demonstrated they are accessing and utilising financial intelligence and relevant information from the FIA and reporting entities. Nevertheless, this is only being done to a limited extent and is not commensurate with the ML/TF risks profile of the jurisdiction. b) The FIA operational analyses have supported competent authorities to some extent in the conduct of their functions. The financial intelligence and relevant information contained in the FIA disseminations have been used to some extent to identify new targets, trace assets and prosecute offenders. However, the outcomes achieved thus far from these operational analyses are minimal and is not in keeping with the ML/TF risks profile of the country. c) Competent authorities, including LEAs have received limited and in some instances no training relative to the use of financial intelligence and relevant information in the conduct of their functions. Further, although some LEAs have provided feedback to the FIA on occasions about the usefulness of the intelligence products received, there was a lack of formal face-to-face discussions between the FIA and the LEAs to further improve these products. d) The FIA has demonstrated that it has worked along with FSC to provide training and awareness to some FIs and DNFBPs. Nevertheless, the guidance and awareness are limited and is believed to have an impact on the quality and amount of STRs submitted to the FIA. There is evidence that the FIA is providing feedback to the reporting entities regarding the quality and status of the STRs submitted however same is not being done on a continuous basis. e) Based on TCI’s risk profile and its status as an IFC, the level of STRs/SARs reporting by some FIs and all DNFBPs is low and not commensurate with the jurisdiction status. Further, some FIs and DNFBPs have not demonstrated a full understanding of their obligation to report suspicious transactions within the AML/CFT framework (see Chapter 5 - IO.4). f) The FIA has demonstrated that it conducts both operational and strategic analysis. The FIA has a cadre of staff that has some levels of experience and training in relation to conducting both operational and strategic analyses. However, the training in these two areas are not continuous and need to be further developed. There is no indication that the strategic analysis developed by the FIA is properly utilised by competent authorities and FIs in the conduct of their functions g) The FIA in 2017 began to utilise technology namely analytical software such as ALTIA, IBM iBase and i2 to complement its human resource to conduct analysis. The FIA although not fully staffed based on the approved organisational chart has demonstrated that it is conducted its functions with some level of effectiveness.
Mutual Evaluation Report of the Turks and Caicos Islands
│ 47
ML investigation and prosecution (Immediate Outcome 7) a) LEAs have mechanisms in place for the identification of potential ML activities including through both proactive and reactive mechanisms such as intelligence and reports received by the FIA. Nevertheless, the manner in which ML cases are identified and investigated is not consistent with the ML risk profile of the country or its AML/CFT policies. Further, there is no structure in place to undertake coordinated parallel financial investigations among the relevant LEAs, although there are cases to demonstrate that this is occurring. b) The TCI has demonstrated that it is conducting ML investigations and prosecutions including the prosecution of a complex ML case involving high profile individuals such as PEPs and Attorneys at Law. Despite the significant impact on the geo-political and AML/CFT landscape this case has on the jurisdiction, the assessment findings are that the manner in which complex ML cases are identified and prosecuted is not commensurate with the risk and context of the jurisdiction. c) The minimal number of outcomes such as ML prosecutions emanating from FIA’s disseminations suggest that there are deficiencies in the system. d) Most of the ML matters investigated and prosecuted by the TCI authorities primarily relate to domestic predicate offences and is not commensurate with the jurisdiction being an IFC with significant amount of monies moving across the border. This is also not consistent with the findings of the NRA which noted that foreign predicate offences represent a threat to the jurisdiction. There is no indication that LEAs are targeting proceeds that may have derived from foreign predicate offences or third-party ML or ML cases that may involve legal persons. e) There are recent efforts undertaken by the ODPP to ensure that cases that may involve potential ML activities are scrutinised and the necessary parallel financial investigations are conducted. However, due to the recentness of this policy, there has been little to no results. f) The ODPP is involved at the earliest opportunity to render assistance and guidance for those ML cases under investigation and has therefore demonstrated an interest in prosecuting ML cases. g) TCI has demonstrated that it is prepared and is utilising other criminal justice measures such as civil recovery where it is not possible to obtain a prosecution or conviction for ML, albeit that this only being achieved to a limited extent. Further, prosecutions of the substantive predicate offences have been conducted where it is not possible to charge or secure an ML conviction. h) LEAs, specifically the FCU and the IC lack the necessary resources, including human and technical to effectively conduct their functions, taking into consideration that ML and corruption are considered to be medium to high risk for ML and based on the information received during the on-site visit. Further, although there is some expertise among the police officers tasked with investigating ML offences based on their level of experience, the number of training programs allocated in the area of ML investigation is limited and not continuous.
Confiscation (Immediate Outcome 8) a) The POCO provides the requisite tools for LEAs, the AGC and prosecutorial authorities to confiscate and recover the proceeds of crime, including through non-conviction based civil recovery (see R.4). There is also a policy directive issued by the ODPP to prosecutors which mandates that all case files with potential for confiscation to be referred to the FCU for further investigation. However, the confiscation policy was implemented just prior to the on-site visit and has not resulted in any outcomes. b) The jurisdiction has demonstrated that it is recovering the proceeds of crime, especially through the civil recovery regime, however, the results generated thus far are not commensurate with the risk profile of the country and national AML/CFT policies and priorities. c) Although the authorities have restrained and confiscated assets to a very limited extent (from both domestic and foreign predicates and proceeds located abroad), the limited number of cases in which
Mutual Evaluation Report of the Turks and Caicos Islands
48 │
identification, tracing, restraints and confiscations were pursued are disproportionate to the number of convictions for acquisitive crimes and the risk profile of the TCI. This therefore suggest that LEAs and prosecutorial authorities are not aggressively identifying, tracing and freezing criminal assets or property of equivalent value that may be located in the TCI or abroad for confiscation. d) The Customs Department or any other LEA have not seized, detained or forfeited any currency or BNIs from any person or entity entering or leaving the TCI who has falsely declared or not declared same. Given the jurisdiction’s risk profile and an acknowledgement in the NRA that TCI’s archipelagic nature makes it accessible by all types of watercraft for smuggling and moving of bulk cash (see Chapter 2 - IO.1), the lack of seizures and forfeiture by the authorities is not commensurate with the risk. e) Competent authorities such as ODPP and the FCU have received some levels of training relative to the identification, tracing and the recovery of suspected criminal proceeds. However, this training is limited in nature and not in-depth in some instances. Further, the customs department who plays an important role in the confiscation regime (false declaration) lacks the necessary training and expertise to effectively identify, trace and confiscate the proceeds of crime.
Recommended Actions Use of financial intelligence (Immediate Outcome 6)
a) The FIA should conduct a review of the manner in which it conducts its operational analysis and the intelligence product disseminated, with the aim of ensuring that it supports the operational needs of competent authorities to a greater extent. The assessment team also recommends that the focus of the analysis should also be based on the ML/TF risk. b) LEAs and competent authorities who are the recipient of the FIA’s products should also provide feedback to the FIA on the prescribed Feedback form in a timely manner regarding these products’ strengths and weaknesses and the type of information that is beneficial to their functions. The feedback should also incorporate the usefulness of the products. The FIA and other competent authorities, primarily LEAs are encouraged to have formal discussions regarding how the FIAs disseminations can better support their operational needs. c) The FIA should be provided with the requisite resources, including human resources and training, that are necessary for the agency to effectively conduct its functions, including, operational analysis. d) Competent authorities should ensure that they are accessing and utilising financial intelligence and relevant information to a greater extent and in a manner that is commensurate with the risk profile of the jurisdiction. They should also ensure that the use of financial intelligence and relevant information are achieving or supporting more demonstrable outcomes. e) Competent authorities should be provided with the requisite training on the effective use and importance of financial intelligence to their functions. Such training should include, the conversion of relevant information and financial intelligence into evidence, including the intelligence reports disseminated by the FIA which should essentially lead to more demonstrable outcomes such as prosecutions, convictions and confiscations from these products. f) The FIA should continue its outreach, guidance, feedback and training to ensure that FIs and DNFBPs are reporting more quality STRs/SARs including in the area of identifying STRs/SARs that are linked to high risk offences (including corruption) and possible TF (despite this being identified as low risk). The foregoing is to ensure that those entities that are not identifying and reporting STRs/SARs based on the level of risk associated with their sectors are aware of their obligations and are doing such. Training and outreach should also incorporate the importance of the FIA’s strategic analysis product and its importance to the reporting entities.
Mutual Evaluation Report of the Turks and Caicos Islands
│ 49
ML investigation and prosecution (Immediate Outcome 7) a) Competent authorities should develop and implement policies and procedures which allows for a coordinated, effective and structured management of parallel financial investigations between the different investigative agencies such as the FCU, RTCIPF, Customs Department and the IC (prior to same getting to the ODPP). This would ensure that potential ML cases are identified through parallel financial investigations are investigated or referred to the FCU that is equipped with the necessary expertise and resources for investigations. b) There is a need for greater coordination and meetings between the FIA and the relevant LEAs to which intelligence reports are disseminated, in order to ensure that intelligence reports are fully understood and greater efforts are made by the LEAs to give more focus to these disseminations in a targeted manner, especially those that are related to suspected proceeds of crime from those offences that are deemed to be threat to the jurisdiction. By doing this, LEAs can utilise their already limited resources in a targeted manner. c) LEAs and Prosecutors should put measures in place to ensure that ML cases are properly identified, investigated and prosecuted in a manner which is commensurate with the jurisdiction’s ML/TF risks profile and national AML/CFT policies. This includes targeting in a more aggressive manner the identification, investigation and prosecution of ML cases that may have resulted from the commission of a foreign predicate offences (especially those that are considered to be a threat based on the NRA), third-party ML, complex ML cases and those that may involve the use of legal persons. d) Competent authorities should utilise other criminal justice measures such as civil recovery more frequently in cases where they are unable to prosecute and obtain a conviction for ML due to insufficient evidence. The utilising of such measures should be commensurate with the ML/TF risks of the jurisdiction. e) The TCI authorities should ensure that LEAs, particularly those that investigate high risk offences as identified in the NRA are provided with the necessary resources, including human and technical and to conduct their functions in an effective manner, including those mentioned in key recommended action (c) above. f) The TCI authorities should ensure LEAs and prosecutors are provided with continuous training and expertise to develop their competencies in properly identifying, investigating and prosecuting potential ML cases, primarily those that are complex in nature.
Confiscation (Immediate Outcome 8) a) The authorities should ensure that a greater effort is placed in implementing existing policies, including the departmental order from the ODPP, across the agencies that are responsible for the recovery of criminal conduct, thereby building a culture of confiscation among the key agencies. Upon the proper implementation of policies, all authorities involved in the recovery of criminal proceeds including through civil recovery should ensure that results are commensurate with the AML/CFT risk profile of the country. b) TCI authorities should ensure that the relevant training and resources relative to all aspects of the confiscation proceedings, including tracing, identification and freezing are provided to all competent authorities that are involved in this process, including, LEAs, the OPP and the Judiciary. c) LEAs should take a more aggressive approach to identifying, tracing and restraining assets derived from criminal conduct that may be located in the TCI or abroad, with the intention of recovering same. The identification, tracing of assets located abroad should be done in greater collaboration with foreign counterparts. d) Customs officials should be provided with continuous and relevant training, sensitisation and resources to adequately conduct their functions, including targeting the physical cross-border movements of cash
Mutual Evaluation Report of the Turks and Caicos Islands
50 │
and BNIs that have not been declared, falsely declare or represent the proceeds of crimes and liable for confiscation. The recovery of cash and BNIs should be consistent with the ML/TF risk profile of the jurisdiction.
142. The relevant Immediate Outcomes considered and assessed in this chapter are IO.6-8. The Recommendations relevant for the assessment of effectiveness under this section are R.1, R. 3, R.4 and R.29-32.
Immediate Outcome 6 (Financial Intelligence ML/TF)
143. The FIA is the central authority in the TCI that is responsible for the receipt of suspicious activity/transaction reports (SARs/STRs) and other financial information related to ML, associated predicate offences and TF (see R. 29 – TC Annex). The FIA is a statutory body enacted by the FIAO and is governed by that legislation. The FIA by virtue of being the central authority for the receipt of such information is the main repository and user of financial intelligence and relevant information which is primarily obtained from the STRs/SARs it received and analysed. The FIA is an administrative type FIU and has no investigative powers despite being staffed by police officers who are seconded to the agency from the Royal Turks and Caicos Islands Police Force (RTCIPF). 144. The FIA is responsible for analysis and dissemination of financial intelligence in the form of intelligence reports to competent authorities. These intelligence reports are the end product of analysis of SARs that are sent to the FIA by the various reporting entities and are bolstered by additional information obtained by the FIA via enquiries during the course of its analysis to assist and guide the receiver of the report. These reports are then proactively disseminated to the relevant competent authorities. The main LEA that utilised financial intelligence from the FIA is the FCU, a department within the RTCIPF which is tasked with the investigations of ML and other financial crimes and the identification of assets for confiscation. Other competent authorities that utilise financial intelligence and relevant information in their functions include the Integrity Commission (IC), Customs, Financial Service Commission (FSC) and Immigration Department. The FIA has operational independence and is able to carry out its functions without hindrance as the Director is responsible for managing the daily activities of the agency. Good governance oversight is provided by an impartial and independent Board of Directors. The agency has its own budget which comes by way of a subvention from the TCI Government.
3.1.1. Use of financial intelligence and other information 145. The FIAO grants the FIA wide array of powers to obtain information from any person in the course of conducting an enquiry into a suspicious transaction related to ML, TF and associated predicate offences (see criterion 29.3(b)- TC Annex). To effectively conduct its functions the FIA has access to various databases including, RTCIPF, Immigration, Business Licence Department, Land Registry and the Companies Registry. Except for the RTCIPF’s database which can be accessed directly, all other databases are accessed indirectly by way of letters of requests. Indirect access to the other databases is done through requests to the Single Point of Contact (SPOC) of the requisite government departments. Conversely LEA’s can access information from the FIA’s database upon request and some agencies, primarily the FCU has demonstrated that they are doing this. The FIA also uses open source intelligence (OSINT) to carry out inquiries including internet search engines and social media platforms. The FIA is a member of the Egmont group of FIUs and uses the ESW to securely communicate with foreign FIUs; this platform is also used for the
Mutual Evaluation Report of the Turks and Caicos Islands
│ 51
receipt of requests from foreign FIUs, as well as to facilitate requests for information by LEA’s during the conduct of their investigations. 146. There is an unfettered process for the exchange of information between the FIA and FCU. This is largely due to the composition of the staff of the FIA, who are police officers. Competent authorities, primarily the FCU, have shown that they are utilising the FIA to access information, including that of a financial nature on their behalf. The access to financial and relevant information is conducted with relative ease, as the TCI is small in nature (despite having multiple islands) thus making communication easy. Once the FCU makes a request to the FIA in relation to an investigation, the FIA access its sources and provide a response to the FCU’s request. In an effort to formalise the sharing of information, there is also an MOU for the sharing of information between the FSC and the EOIU for the sharing of tax information. There is also an overarching multi-agency MOU between all member agencies of AMLC for the purpose of information sharing related to ML and associated predicate offences. None of the agencies interviewed during the on-site visit indicated that there were challenges in obtaining information from fellow AMLC members. The figure in the table below shows the amounts and types of information accessed by the FIA during the period under review.
Table 3.1. Type of Requests made by FIA (Between 1st January 2014 - 31st December 2017)
Type of Request 2014 2015 2016 2017 Total Background Check 6 1 1 1 9 Business License Check 4 - 1 - 5 Request to FIs for customer information 62 213 296 115 686 FSC Checks 19 15 47 13 94 Immigration Check 13 21 36 20 90 International Request 7 10 8 10 35 Land Registry Check 10 4 21 7 42 NHIP Check - 2 4 - 6 NIB Check - 4 6 - 10 Police Inquiry - - 1 - 1 Section 28 FIAO (inquiries relating to suspicious transactions) 16 22 69 27 134 Survey and Mapping Request - - 1 - 1 Telecoms Inquiry - 2 1 - 3 Grand Total 137 294 492 193 1116 147. The table above represents the requests made by the FIA to FIs and other government agencies. It also identifies the purpose of those requests. The information shows that the FIA made a total of 1,116 requests for information, of which 1,083 (97%) were submitted to LGAs and LEAs. The purpose of these requests was to obtain financial and relevant information to further develop STRs/SARs and to honour requests for international and local assistance received by the FIA. 148. The FIA has the powers under s.28 FIAO to stipulate a time-period for the reporting entity or person to provide respond, which is 14 days. The majority, 760 (68%) of the requests were responded to within 1- 30 days. with the majority responded to within the 14 days. The information presented shows that there was a substantial increase in the number of requests for information in in 2016. The assessment team believes that this increase is linked to the increase in the number of
Mutual Evaluation Report of the Turks and Caicos Islands
52 │
STRs, as the data correlates to the increase in STR reporting. The information presented also shows that the information was primarily requested for conducting operational analysis of STRs/SARs. Table 3.2. Number of requests made by the FIA to reporting entities.
Type of entity 2014 2015 2016 2017 2018 Total Commercial Banks 64 134 226 138 55 617 Private Banks - 31 31 5 1 68 Trust Companies 2 35 65 12 4 118 Real Estate Agency/ - - - 1 - 1 Agents MSBs 2 23 23 17 15 80 CSPs 3 4 12 2 - 21 Law Firms/Attorneys 3 4 3 2 - 12 Other - 2 3 - - 5 Total 74 233 363 177 75 922
149. The information above shows that the FIA sent a total of 922 requests to reporting entities, requesting financial intelligence and relevant information to assist in the conduct of their functions. Most of these requests were sent to the commercial banks followed by Trust companies. Most of the request were sent during 2015 and 2016 and correlates with Table 3.1 above. The finding is a clear indication that the FIA is accessing and utilising financial intelligence and relevant information from a broad sector of competent authorities and private sector officials including FIs and DNFBPs. 150. The assessment team reviewed 8 cases provided by the FIA to demonstrate among other things the agency’s use of financial intelligence and relevant information to conduct its functions, including operational analysis and subsequent dissemination. Based on the review of these case studies, the assessment team found that the FIA has demonstrated that information is being requested from a wide range of databases to conduct its functions, which include conducting strategic analysis. A review of these 8 cases also showed information from the RTCIPF, Immigration Department, FIs, open sources, domestic authorities and in some instances foreign counterparts were accessed and used to determine the suspect’s criminal background, financial profile, business relationships and travel history. 151. The effort of the agency’s access and incorporation of the financial intelligence and relevant information in its functions is acknowledged in a positive manner. The access to financial intelligence and relevant information by the FIA has led to some positive outcomes including identification of assets by LEAs. However, despite this effort, there were limited outcomes from the access and use of financial intelligence by the FIA and LEAs as is shown in this Chapter of the report, based on the risk and context of the jurisdiction. The case example below provides a summary of the good use of financial intelligence by the FIA which resulted in the identification and subsequent restraint of funds.
BOX No. 3.1. Case study of the use of Financial Intelligence 2017 – ‘Source of funds’ Case No. 512017/1176 The SARs The FIA received a SAR from a FI operating in the TCI regarding one of its customers (Customer X) who deposited the sum of USD 77,300 comprising of 773 one hundred dollar unblemished and sequential notes (2006 series) into an account
Mutual Evaluation Report of the Turks and Caicos Islands
│ 53
of a legal person, called ‘entity Y’ which is owned by Mr. X and his wife. The legal person is duly registered to operate in the TCI with the nature of its business being short-term rental accommodation in the TCI. The FI upon receipt of the funds from Mr. X questioned him as to the source, to which Mr. X responded that it was for construction purposes. Following the receipt of the initial SAR, 2 further SARs were received from the same FI by the FIA regarding deposits of USD 40,000 by a different customer. The FI questioned the customer about the source of funds and he indicated that the funds came from Mr. X on whose behalf they were providing a service. A few days later, Mr. X deposited USD 10,000 into his entity’s account. Upon being questioned about the source of the cash deposited, Mr. X became annoyed.
Operational analysis The FIA conducted review and conducted an operational analysis of original SAR received to ascertain possible offences of ML, TF, counterfeit currency and false declaration of funds. The FIA in its analysis, first conducted checks of its own database and other databases to which it has direct access for information on Mr. X. Those checks revealed that Mr. X has not featured in those databases. The FIA also utilised open source of information by checking search engines such as Google. Those checks revealed that that Mr. X was the previous owner of a company which he sold. To avoid the dissipation of the funds on Mr. X’s and that of the owner of the firm’s accounts a freezing order was obtained in accordance the POCO. Upon receipt of the order, the FIA served same on the FI relative to the deposits of USD 40,000 and USD 10,000 both of which were held by the bank at the time. The FIA informed the FCU accordingly of such decision.
Information from FIs and Government agencies To further assist in the analytical process the FIA requested and queried various government agencies including the company registry for BO information and Customs Department relative to Mr. X travelling history and to determine whether he had declared any currency during any of his recent travels. The FIA also queried the databases of FIs to obtain information relative to cash declarations and bank accounts.
International Request The FIA also contacted their US LEA colleagues to obtain information relative to the notes deposited, including their authenticity and whether the cash was declared from the USA by Mr. X during any of his recent travels to the TCI.
Intelligence report disseminated The FIA based on its analysis which includes the use of financial intelligence and relevant information disseminated an intelligence report to the FCU, who in conjunction with the ODPP filed an application for a restraint on the funds held in the subject’s company account.
International Results Based on the sharing of the information with their foreign counterparts, a few months following Mr. X deposit of USD 10,000, he and his wife were in route to the TCI from Europe when they were subject to a secondary screening at a US port of entry. During this search the sum of USD 100,000 was found concealed among their clothing and folders they had. Mr. X and his wife were arrested for bulk cash smuggling, one was charged and convicted and presently awaiting sentencing.
152. The case referenced above demonstrates the FIAs use of financial intelligence and relevant information, the quality of the FIA's operational analysis in this particular situation and the excellent awareness of the FIA to spontaneously share the information with their foreign counterparts. This sharing of information resulted in one of the subjects being arrested in the USA. However, there were no prosecution or confiscation in the TCI by LLEAs, as a result of the suspected criminal activities which occurred within the TCI.
Mutual Evaluation Report of the Turks and Caicos Islands
54 │
3.1.2. Access and use of financial intelligence and relevant information by LEAs and other Competent Authorities
153. Most competent authorities, including LEAs, have some level of awareness and understanding of the value of financial intelligence and relevant information to their functions and are requesting such from the FIA. This action is commendable and is also encouraged. Nevertheless, there is a need for increased utilisation of financial intelligence and relevant information to a greater extent to achieve more outcomes. Requests made by the FIA to other agencies are captured in tables 3.1 and 3.2. The information represented on table 3.3 below shows the extent to which competent authorities are requesting financial intelligence and relevant information from the FIA, which is the main repository for such information. 154. The FCU, the premier LEA responsible for the investigations of financial crimes and ML in the jurisdiction, made a total of 39 requests to the FIA, which represents the highest number among all LEAs and other competent authorities. Approximately half of those requests were responded to by the FIA within 30 days. Although the FCU’s efforts to use information is commendable, taking into consideration the ML/TF risk and context of the jurisdiction, including it being an IFC and the role of the FCU in conducting ML investigations, there is an expectation that the FCU should be utilising the FIA to a greater degree in accessing financial intelligence and relevant information. 155. There is also a concern that almost half of the FCU’s requests to the FIA took more than 60 days to be completed by FIA. The delay for such response is largely based on several factors such as: lack of information contained in the request, the nature of the request - including the volume of information requested and the lack of resources at the FIA, primarily human, despite the authorities indicating international and local request are prioritised. The time period taken to process these requests and those from other competent authorities by the FIA should be of concern to the jurisdiction and likely to have cascading effect on IO.7 and IO.8, including the timeliness in which investigations conducted and the identification, tracing, freezing and subsequent confiscation of assets. 156. The IC plays a critical role in fighting corruption within the TCI. The information provided shows that the IC made only 4 requests over a 4-year period and is suggestive that the authority is not fully utilising financial intelligence, relevant information and the resources of the FIA. The Customs and Immigration Department made the least with 1 request each. Among the LGAs, the FSC submitted the most requests (17) which were all responded to within 30 days. The information provided shows that the FSC has increased the number of requests to the FIA yearly, though the amount is still considered as minimal by the assessment team taking into consideration the risk and context of the jurisdiction. Nevertheless, it does shows that the FSC is utilising the information from the FIA in conducting their functions including fit and proper checks. Table 3.3. No. of request sent to the FIA by competent authorities and other agencies.
Years Time taken to process request Agency 2014 2015 2016 2017 1-30 days 31-60 days Over 60 days Total Customs - - - 1 - - 1 1 Immigration 1 - - - 1 - - 1 Integrity Commission - - 4 - - 3 1 4 RTCIPF -CID - 1 2 - 2 - 1 3 RTCIPF - FCU 12 6 7 14 19 2 18 39
Mutual Evaluation Report of the Turks and Caicos Islands
│ 55
SIPT - 1 - 1 1 - 1 2 AGC - - - 2 1 - 1 2 FSC - 4 6 7 17 - - 17 Total for each year 13 12 19 25 41 5 23
157. The information presented on the table above shows a total of 69 requests for information from LEAs, including the FCU, RTCIPF-Criminal Investigation Department (CID), Customs Department, Immigration and SIPT. Two of the 69 requests received resulted in 2 prosecutions in 2014 and 3 prosecutions for predicate offences in 2017. Two of these cases were still before the courts at the time of the on-site visit and one was dismissed due to insufficient evidence. The FIA’s analysis also resulted in 2 applications for restraint orders in 2017 and 2018 respectively. Further, the assessment team was informed that the financial intelligence and relevant information disseminated by the FIA have been utilised by the different agencies to conduct their functions, though in most instances, no evidence was provided to support the statement. 158. The FSC utilised the information provided to inform its supervisory functions, including the conduct of on-site inspections of the reporting entities it supervised. Regarding the IC, the assessment team was informed that given the nature of its work and strict secrecy demands, the IC cannot discuss how it conducts its functions. In this particular situation, the assessment team is unable to provide a synopsis as to how the IC utilise the information it received from the FIA in its functions. 159. Following a FIA’s disclosure, the Customs and Excise utilised financial intelligence and relevant information to trace the cross-border movement of funds from the jurisdiction. The case study below shows Customs Department utilising financial intelligence and relevant information provided by the FIA to initiate an investigation. Due to the on-going investigation, this case has been redacted significantly.
BOX No. 3.2. Case study of the use of Financial Intelligence - Customs Following the receipt of a disclosure from the FIA, Customs commenced investigations into a company to determine whether false declarations were made to the department. During its investigation, customs received records (invoices etc) from the company and cross-checked same against its databases including Automated Systems for Customs Data (ASYCUDA World) and discovered that there were several discrepancies.
As a result of its investigation and the discrepancies identified by the Customs Department, the department along with the RTCIPF executed search warrants at different properties and recovered material that were of material value to the investigation. These documents were reviewed, and other actions were triggered by the customs department. The matter is still engaging the Customs Department and other agencies in the TCI.
160. Responses from the requests, as indicated in Table 3.3, 41 (59.4%) were processed within 30 days of receipt, 5 (7.3%) within 30-60 days, and the remaining 23 (33.3%) took 61 or more days. For the FIA to honour any request made it is often required that information be obtained from other entities which include FIs, DNFBPs and foreign LEA’s which in some cases may cause a delay in the response time by the FIA. These delays are sometimes further compounded in some instances by the agency requesting the information from the FIA, as insufficient information is
Mutual Evaluation Report of the Turks and Caicos Islands
56 │
contained in the request. In those cases, the FIA routinely update its requestors with the progress of their request. 161. The FIA recognised the need to provide training to LEAs to sensitise them on the importance of the FIA and the need to incorporate the use of financial intelligence into their operations. In an effort to address this need, the agency has conducted one training exercise with the RTCIPF in 2016 and another in 2018. Acknowledging this effort, additional training and awareness of LEAs in understanding the importance of the FIA and the use of financial intelligence and relative information to their functions is necessary. 162. Although all competent authorities have demonstrated that they are accessing and utilising financial intelligence and relevant information in their functions, taking into consideration the risk and context of the jurisdiction and the findings as detailed in the NRA, there is still a greater need, primarily the LEAs who are involved in the investigations of high-risk predicate offences and ML, to make greater use of financial intelligence and to demonstrate more tangible outcomes from such access.
3.1.3. STRs received and requested by competent authorities 163. The FIA is the sole agency authorised to receive STRs/SARs in the TCI (see criterion 29.1- TC Annex). The authorities have provided information that demonstrates that the FSC had requested that STRs/SARs be submitted following the completion of an on-site inspection. STRs/SARs are generally received by the FIA electronically, via email or hand delivered. The contents of the STRs/SARs are vetted by an analyst in a secure area at the FIA and entered in the FIA’s database by an FIA analyst. This is followed by an acknowledgement sent to the reporting entity. Reports received by the FIA are prioritised on a risk-based approach; the FIA uses a risk matrix that they’ve developed which weighs the risk of the report received to determine the urgency of the enquiry and analysis. In conducting this analysis information is requested from several agencies. Although the TCI does not have direct taxation, the FIA can obtain information from LGAs that have aspects of taxation, such as the Customs and Revenue Department, to complete the analysis of a STR and to conduct their other functions. 164. The FIA has received a total of 213 STRs/SARs from FIs and DNFBPs (see Table 3.4 below) during the period under review, an amount that is considered to be low taking into consideration the risk and context of the jurisdiction. A total of 165 reports (77%) of the total amount of STRs/SARs were received from FIs and 46 (22%) were received from the DNFBPs. This figure is consistent with the fact that FIs are expected to be submitting more reports to the FIA than DNFBPs based on vulnerability. The amount is nevertheless minimal taking into consideration the context of the TCI and the absence of mitigating measures by some reporting entities. FIs and DNFBPs are required to submit STRs/SARs to the FIA on the prescribed form which captures the information required by the FIA. 165. Some STRs/SARs received from reporting entities demonstrated that the reports were of good quality, based on the sample of STRs reviewed by the assessment team. There were others which the assessment team found lacked quality and needed further clarity or development based on the review of a sample of STRs reviewed by the assessment team and the limited amount that have resulted in dissemination. In several instances, the FIA has requested additional information from the reporting entities submitting the report to conduct its analysis. A significant amount of the STRs analysed by the FIA have resulted in minimal outcomes such as intelligence reports disseminated to competent authorities and lack of outcomes were derived. The information provided shows that the majority of the STRs/SARs were filed based on the following indicators; (i) unverified source of funds, (ii) client profile, (iii) adverse media reporting, (iii) structuring and
Mutual Evaluation Report of the Turks and Caicos Islands
│ 57
(iv) large volume of transactions. The identified suspected offences were mainly fraud and forgery.
Table 3.4. Number of STRs/SARs received by the FIA (between January 1st, 2014 - December 31st, 2017)
Category/Sector FIs 2014 2015 2016 2017 Total Commercial Banks 26 8 21 22 77 MSBs 4 21 43 13 81 Private Banks - 3 - - 3 Insurance Company/Broker 3 - - 1 4 Trust businesses 4 2 2 2 10 CSP 2 2 7 - 11 Mutual Funds Administrator - - - - 0 Investment Companies - - - - 0 DNFBPs Casinos - - - 4 4 Gaming Parlour - - - - 0 E-Gaming - - - - 0 Law Firm/Attorney 6 5 1 5 17 Real Estate Agency/Agent - - 1 3 4 Real Estate - - - - - Lending (Micro and pay-day - - - - 0 Car Dealers - - - - 0 Jewellers - - - - 0 Other 2 - - - 2 TOTAL 47 41 75 50 213
166. The table above shows the yearly breakdown of STRs/SARs submitted to the FIA during the period 2014 - 2017. As stated above, FIs submitted 75% of the total, with MSBs submitting the highest amount of 81 and Private Banks the lowest amount of three. There was a noticeable spike in reporting by all the sectors in 2016 with a total of 75 reports submitted. Defensive reporting was a major factor attributable to the increased reporting. In the absence of any detail risk mitigation measures by some of these sectors to prevent ML and TF, the assessment team believes that the level of reports that were submitted by the reporting entities in the TCI appear to be very minimal, taking into consideration the risk and context of the jurisdiction and is reflective of the minimal and in some instances no training and outreach by the FIA and the FSC to bring awareness to some sectors (see Chapter 5 - IO. 4). 167. Following the receipt and analysis of a STR, the FIA categorised their status as active, closed, closed-intelligence and closed (no further action). The information received and is reflected on the table below shows that from the STRs/SARs received by the FIA in 2014, 60% were closed in the following year. The information shows that most of the STRs/SARs received by the FIA for the period 2016 and 2017 remain active. An increase in reports being received by the FIA has been noted by the assessment team and it is likely that with the current staff complement, will need more human resources to adequately support the operational needs of the
Mutual Evaluation Report of the Turks and Caicos Islands
58 │
FIA. The increase in SARs/STRs may also affect the quality of the FIA’s analysis if the current staff complement is not resolved. 168. Table 3.5 below shows that the FIA has taken some form of action against all the STRs/SARs received during the period under review. The information shows that 97 reports were closed (i.e. when these reports were analysed by the FIA subsequent intelligence reports were produced and either submitted to LEA’s, foreign counterparts or were found to have no nexus to crime). A total of 116 remains active. The FIA has stated that matters listed as active refer to those that are inconclusive where reviews are periodically conducted and some of these reports are retained for intelligence purposes. Table 3.5. Yearly status of STRs/SARs received by the FIA
2014 2015 2016 2017 Total *Active 6 9 59 42 116 Closed 37 25 10 2 74 Closed - Intelligence 3 4 3 3 13 Closed - NFA 1 3 3 3 10 Total 47 41 75 50 213 *Calendar Year: 1st January to 31st December 169. There were 22 intelligence reports that were connected to STRs/SARs disseminated to LEAs (20) and LGAs (2). This amount is considered to be relatively low taking into consideration the number of STRs/SARs received and the materiality, risk and context of the financial sector in the TCI. The authorities attributed this minimal amount varying reasons including, no links to criminal activities following operational analysis and defensive reporting. 170. Besides FIs and DNFBPs submitting reports on their own volition to the FIA following their suspicion, the FSC in the conduct of its functions had requested that 2 entities, namely a real estate agent and an MSB submit STRs/SARs on a particular transaction. In both cases the outcome was that an STR/SAR was submitted to the FIA. 171. The authorities have indicated that outreach and awareness on STR quality is also addressed during the acknowledgement and feedback phase which is done within 24 hours of receipt. A review of the acknowledgement for the STRs/SARs received by the FIA was performed by the assessment team. Most of the documents were identified by the assessment team as acknowledgements of the receipt of the STRs, with some containing requests for additional information and feedback to the reporting entity on the quality of the STRs. Nevertheless, the assessment team finding is that there is a need for continuous feedback to reporting entities about the quality of the STRs filed. 172. The FIA in conjunction with the FSC has conducted a total of 11 outreach and awareness sessions with some FIs and DNFBPs (see Table 3.6 below). The efforts of the FIA in conjunction with the FSC is commendable and encouraged. Nevertheless, these outreach and awareness are limited and does not seemingly involve all the entities that are required to file reports. These outreach and training sessions also targeted the Money Laundering Reporting Officers (MLROs) and Money Laundering Compliance Officers (MLCOs), who are critical to the process of identifying and filing STRs/SARs with the FIA.
Mutual Evaluation Report of the Turks and Caicos Islands
│ 59
Table 3.6. Outreach and awareness sessions conducted by the FIA/FSC
Sector/ Entity 2014 2015 2016 2017 2018 Total *Law 1 - 1 - - 2 *MSB 1 - 1 - - 2 *Private Sector (FIs) - - - - 1 1
*Public and Private - 2 1 - 3 Sector Police - - 1 - 1 2 *Real Estate/Realtors - - - - 1 1 Total 2 2 3 1 3 11 *Attendees of the O&A sessions also consisted of MLROs/MLCOs.
Currency Declaration
173. The FIA received from the Customs Department a total of 9 declaration reports in 2018. Six relating to incoming passengers and 3 outgoing passengers (see – IO.8). Prior to July of 2018, there was no mechanism in place for customs to share this information with the FIA. However, on the basis of an MOU signed between both agencies all incoming and outgoing customs declarations are required to be shared with the FIA. All declarations were analysed and there were no links to criminal activities.
Table 3.7. Days taken for Declarations to be submitted to the FIA (between 12th February 2018 - 21st September 2018).
Declarations Timeframe (days) Total 1-30 31-60 61 or more Inbound 6 - - 6 Outbound 3 - - 3 Total 9 - - 9
174. Table 3.7 shows that there was a total of 9 currency declarations, 6 of which represents inbound transactions and three representing outbounds. All currency declarations were submitted to the FIA in a timely manner.
3.1.4. Operational needs supported by FIU analysis and dissemination
(a) Operational Analysis
175. The staff of the FIA is comprised of 3 persons, namely; the Director, and 2 analysts, one of whom also has the responsibility for Information Technology (IT). The FIA acknowledges that it is understaffed, as there are positions that remain vacant based on the organisation structure approved by the Board of Directors. Key vacancies that have not been filled include that of; Deputy Director (Senior Intelligence Officer) and Intelligence Officer/Analyst. Although it was
Mutual Evaluation Report of the Turks and Caicos Islands
60 │
noted that these the vacancies only impact the administrative functions of the FIA, the assessment team takes note that two of the positions are important to the core functions of the FIA. The authorities nevertheless acknowledged the need to address the resourcing issue. 176. The ultimate responsibility on whether a STR should be analysed and disseminated resides with the Director. As mentioned previously, STRs/SARs, are risk rated and prioritised when received and are assigned to an analyst. To further develop and analyse STR’s, the analyst is required to make requests to various entities to access financial and relevant information, with information presented to the assessment team that this is being done (see Tables 3.1 and 3.2). In an effort to generate a complete analytical product that is beneficial to competent authorities and to complement its human resources, the FIA also utilise IT software such as IBM iBase, i2 and Altia. However, both pieces of software were acquired in 2017 and were therefore not utilised to enhance the operational analysis of STRs/SARs during the period 2014-2016. 177. Table 3.8 shows the training that staff of the FIA have participated during the period 2014- 2017. Table 3.8. FIA training 2014-2017.
Date Training
3rd - 7th March 2014 Strategic Analysis Training 16th - 17th March 2015 Money Laundering Workshop 23rd - 24th March 2015 10th CFATF Compliance Conference on AML/CFT 13th - 16th July 2015 FINTRAC/ EGMONT Supervisory Course (ESC) 7th - 18th March 2016 Financial Investigation 20th March 2017 Altia Investigation Toolkit 27th March 2017 Altia Analysis Toolbar 3rd April 2017 Altia Analysis Toolbar 10th – 14th July 2017 FATF 4th Round Assessor training 28th August - 1st September 2017 Analyst Training for Financial Intelligence Units 11th September 2017 Money Laundering and Proceeds of Crime Training (refresher) 29th November - 1st December 2017 CFATF Standards Training
178. FIA staff has received numerous trainings and has amassed some levels of expertise during their tenure at the agency to assist in conducting their core functions. Training in analysis and other FIU relative fields has been provided to staff in an effort to develop their competencies. The assessment team reviewed information on training that was provided outside the assessment period and observed that a wide array of domestic, regional and international training in the area of ML and analysis were provided to the FIA staff. During the period under review a total 12 training courses were attended by staff, with the numbers increasing yearly (see table 3.8 above). The increase in numbers is a clear sign of TCI’s government’s commitment to develop the staff capacity and is commended. Nevertheless, only two of the training courses that were attended during this period were in relation to strategic and operational analysis, which represents the FIAs’ core functions. 179. The FIA disseminates its intelligence reports following the analysis of a STR to LEAs, primarily the FCU. Intelligence reports are also disseminated to the other competent authorities including other LEAs such as the Criminal Investigation Department (CID) within the RTCIPF
Mutual Evaluation Report of the Turks and Caicos Islands
│ 61
and the SIPT based on requests for information. The FIA provides feedback forms to the recipients of its analytical products, in an effort to receive recommendations or suggestions on the quality of the intelligence product received and further actions that are needed. A sample of the feedback forms reviewed by the assessment team showed that none of the FIA disclosures to local LEAs had led to any new investigations. Nevertheless, the disseminations provided useful information regarding known and unknown subjects. Few disseminations have led to outcomes such as prosecution and restraint of assets domestically. 180. The FCU described the reports received as of good quality and as contributing to their work. The information provided to the assessment team shows that as a result of the FIA operational analysis, LEAs in conjunction with prosecutorial authorities were able to obtain five prosecutions for predicate offences and two restraint orders. The assessment team commends the authorities for achieving these results and is a clear indication that FIA’s operational analysis is supporting the efforts of LEAs to some extent. However, taking into consideration the risk and context of the jurisdiction, the outcomes achieved thus far, it does not appear that the FIAs operational analysis is supporting the competent authorities to a large extent. The FIA authorities indicated that there were multiple informal discussions with the Police counterparts on FIA disseminations, however these discussions were not documented and needs to incorporate all LEAs. The limited outcome is compounded by competent authorities, primarily LEAs lack of training and expertise in the effective use of financial intelligence 181. Samples of Intelligence Reports that were disseminated by the FIA to the FCU were reviewed demonstrate good levels of operational analysis by the FIA, despite the need for continuous training and resources. Information contained in the report include: photo identifications, occupations, biographical information of the subjects, source evaluation ratings, intelligence evaluation ratings, the nature of the report, investigations conducted by the FIA, account information, key findings, inferences and the FIA analyst’s beliefs (including suspected offences). The reports demonstrated the good use of financial information and relevant information by the FIA and also include comparative analysis of the subjects’ legitimate earnings and the activities they were conducting. Nevertheless, the assessment team believes that some of the intelligence reports reviewed can benefit from more in-depth analysis to include possible identification of assets, associates, more detail financial information including banking information and possible information from foreign counterparts (as some reports had international nexus). Obtaining and including this type of information would provide more information to the user of those intelligence reports and to identify possible associates and assets. Further, those particular reports would have benefitted from the use of technology which would have made the dissemination more easily understandable by the investigators and provide linkages between the suspects, senders and associates. 182. Although it is acknowledged that the use of analytical software should be considered on a case by case basis, there is nevertheless an expectation that the use of technology will greatly contribute to the enhancement of the analysis of STRs/SARs that are complex in nature and involves multiple persons, bank accounts, transactions and entities. The use of such of analytical software will also allow the user of the intelligence products to have a better understanding of the flow of the proceeds and individuals involved. 183. The foregoing shows that the FIA may not be utilising software to a large extent or that STRs that may include potential complex ML cases are not frequently received and therefore does not warrant the use of such technology. Taking into consideration factors such as the risk and context of the jurisdiction and the intelligence reports disseminated are used as an indicator for ML in most instances, the likelihood exist that complex ML cases are not properly identified through the STRs received (see IO.7).
Mutual Evaluation Report of the Turks and Caicos Islands
62 │
(b) Disseminations
184. From the 213 STRs/SARs received by the FIA (see Table 3.5), a total 22 intelligence reports (10.3%) were disseminated to competent authorities, including LEAs. Fourteen of the 22 intelligence reports disseminated to LEAs and LGAs, were investigated and have resulted in very limited outcomes, such as, prosecutions for ML and associated predicate offences. The investigations into these intelligence reports by LEAs revealed that there was insufficient evidence to consider criminal charges against the persons listed in the report, due to factors such as the suspect being a foreign national who is not present in the jurisdiction and the threshold of beyond reasonable doubt is not met. Several investigations into these intelligence reports are ongoing, with one case considered for confiscation utilising the civil recovery regime. Outside of the written feedback that is provided by LEAs and competent authorities on the usefulness of the reports , there is no evidence to demonstrate any active discussions and meetings between the different LEAs and the FIA on ways of advancing the relevant cases and to ensure that the FIA’s analysis supports their operational needs. 185. The TCI authorities attributes the low ratio of disseminations (22) in comparison to number of STR’s (213) received to STRs/SARs not meeting the threshold (reasonable grounds to suspect ML or that an associated predicate offence had occurred). Another reason for the lack of dissemination includes; findings of the person(s) in the report following analysis were not involved in criminal activities and can be attributed to defensive reporting. Although the FIA has created guidance in the identification of STRs/SARs, the deficiencies in the STRs/SARs are evidence of the need for more guidance and feedback to reporting entities on identifying and reporting quality STRs/SARs which will lead to more quality dissemination. 186. Fraud represents one the main suspected predicate offences that was identified by the FIA based on their analysis of STRs/SARs and was followed by the offence of ML (see Table 3.8 below). This finding is aligned with that of the NRA, as threats that affects the jurisdiction. However, only one dissemination had a direct nexus to drug trafficking, with none having a direct nexus to corruption, despite these being identified in the NRA and by some of the authorities during the on-site visit respectively as being high risk for ML. The assessment team therefore believes that there is a likelihood that proceeds from these offences are not identified and reported by the reporting entities or other means are employed by criminals to launder their criminal proceeds from these offences. Table 3.9. Suspected activities related to Intelligence report disseminated.
Entity/ Suspected Activities 2014 2015 2016 2017 Total LEAs Concealing Criminal property - - - 1 1 Currency smuggling - - - 1 1 Drug Trafficking 1 - - - 1 Forged Currency - - 1 - 1 Forgery - - 1 - 1 Fraud 1 3 - - 4 Immigration related 1 1 1 - 3 Lotto Scamming - 1 - - 1 Mail Fraud 1 - - - 1 Money Laundering 1 2 1 - 4 Sale of criminal proceeds - - - 1 1 Uttering false notes - - 1 - 1 LGAs
Mutual Evaluation Report of the Turks and Caicos Islands
│ 63
Fraud - 1 - - 1 Contribution fraud 1 - - - 1 Total 6 8 5 3 22
187. The table below shows the competent authorities to which the FIA has disseminated its intelligence report. The LEAs that received disseminations were the FCU, Immigration and SIPT. The FCU being the premier investigative agency for ML and other associated predicate offences that are financial in nature received 73% of the reports, with the SIPT who received one report. The FSC and the NIB were the only 2 LGAs that received disseminations. Dissemination to the different LEAs, especially the FCU, continues to fluctuate. All disseminations for the respective years remain in single digits and is not reflective of the ML/TF risk and context that is as associated with the jurisdiction or other similar IFCs. The assessment team believes that the minimal disseminations from the FIA to these agencies can be attributed to factors such as the lack of resources at the disposal of the FIA to conduct one of its core functions (analysis) and the lack of quality reports from the reporting entities. Table 3.10. Intelligence Reports sent by FIA to LEAs and LGAs.
Competent Authority 2014 2015 2016 2017 Total Immigration 1 1 1 - 3 RTCIPF-FCU 3 6 4 3 16 SIPT 1 - - - 1 FSC - 1 - - 1 TCI-NIB 1 - - - 1
Total 6 8 5 3 22 *Calendar Year: 1st January to 31st December
Table 3.11. Results of intelligence reports disseminated by the FIA to Competent Authorities.
Entities No. of Reports Investigations Arrest Prosecution Conviction Confiscation FCU 16 13 - - - 1 FSC 1 - - - - - Immigration 3 1 - - - - NIB 1 - - - - - Total 19 14 0 0 0 1
188. The information presented demonstrates that LEAs and competent authorities who were the recipient of the intelligence reports received by the FIA has made limited use of such reports. In the absence of any other factors, the assessment team findings based on the information on the table shows the FIA’s analysis does not consistently support their operational need. The assessment team therefore believes that there is a need for continuous training, dialogue and sensitisation between the FIA and the agencies that received its intelligence products, as there is very little evidence of this. The assessment team’s finding also revealed that there is also a need for competent authorities who received the intelligence products from the FIA to provide feedback in all instances, written or orally on the quality of the products they receive from the FIA in an
Mutual Evaluation Report of the Turks and Caicos Islands
64 │
effort to have the FIA strengthen its analysis should any deficiencies be identified. The case below illustrates the FIA’s analysis supporting the operational need of the FCU.
BOX No. 3.3. Case Example FIA analysis supporting operational needs of competent authorities. The FCU following the dissemination of an intelligence report from the FIA in July 2014, conducted investigations into Mr. X’s financial affairs and background. The investigations revealed that Mr. X is a convicted drug dealer in another jurisdiction with no legitimate sources of income. The investigation revealed that Mr. X formed a registered company in TCI and between 2010 to 2013 conducted several wire-transfers into the TCI financial institutions. These monies were suspected be proceeds from the Mr. X unlawful conduct.
The FCU obtained a production order in accordance with the POCO and served same on the financial institution with the intention of obtaining Mr. X financial records. The information provided as a result of the production orders showed that Mr. X was the owner of real and personal property to the value of USD 1 million. The FCU and other competent authorities engaged the jurisdiction in which Mr. X was convicted informing them of the discovery of assets. A restraint Order was subsequently obtained in relation to the properties. An application for civil recovery is in its final stage with a view of forfeiting the properties through the civil forfeiture mechanism.
(c) Strategic Analysis
189. The FIA has demonstrated that it is conducting strategic analysis, as evidenced in its annual reports which are published on its official website, and easily accessible by all reporting entities. In these reports, trends and typologies are identified. The strategic analysis conducted shows that fraud seems to be a constant and persistent problem each year during the assessment period for both the reporting and investigating agencies. In its 2015 Annual Report, the FIA lamented that ‘Notwithstanding warnings to reporting entities to implement the necessary safeguards regarding instructions for wire transfers received via email and to use alternative methods to correspond with their customers/clients in order to confirm the instructions that they receive, some entities continue to submit to such instructions without consulting with their customers/clients. This may cause reputational damage and loss to the entity’. The foregoing suggests that there is a level of miscommunication between the FIA and the relevant reporting entities or that the reporting entities are flagrantly disregarding the FIA’s analysis and warning on the issue. However, the fact that the FIA indicated that it specifically issued warnings to the reporting entities in question indicate that the entities are ignoring the FIA’s analysis.
Table 3.12. Strategic Analysis.
Year Amount Nature To whom Disseminated 2014 1 Wire transfer fraud through email compromise. Public (FIA website)
2015 1 Fraud and Scam Competent Authorities 2016 - - -
Mutual Evaluation Report of the Turks and Caicos Islands
│ 65
2017 2 Report identifying reporting trends of entities in Competent Authorities comparison to previous quarters.
2018 4 Trends identified in comparison with previous quarters Public & Competent and cash advance schemes Authorities
190. The table above shows that during the period under consideration a total of eight strategic analysis projects consisting largely of ML trends and typologies within the jurisdiction were undertaken by the FIA-TCI. Whilst some of these reports were made available to the general public via publication in the FIA’s annual reports (published on the FIA’s website), most were disseminated directly to competent authorities, including the RTCIPF, Attorney General Chambers, Customs and the FSC. Whilst some competent authorities acknowledged that the information provided in the strategic analysis was useful, there is no information provided in the feedback as to how these products supported their operational needs.
3.1.5. Cooperation and exchange of information/financial intelligence
191. The FIA has signed MOUs with the following LGAs: NIB, FSC, IC, Land Division, Customs Department, Business Licencing Unit, Revenue and Control Department. There are no barriers that prevent the sharing of information and financial intelligence between competent authorities, despite the only recent signings of MOUs. Nevertheless, there appears to be a lack of coordination among the agencies involved with investigations of ML and associated predicate offence, as it relates to bringing investigations to a successful outcome (see IO7). 192. While there have been multiple informal discussions by the FIA and their police counterparts on the importance of FIA’s disseminations, as well as an MOU with the RTCIPF, the findings of the assessment team are that there is a need for formalised meetings where possible among the LEAs and the FIA to discuss and advance cases and not solely placing reliance on the feedback form. 193. The FIA creates a secure communication environment through the establishment of SPOCs, which the FIA staff communicates with LEAs and LGAs mainly via email on non-sensitive matters. Sensitive information is secured via password protected documents and the email platform uses encryption to communicate. The FIA’s office is equipped with the relevant security arrangements in place for receiving, storing, exchanging and accessing information and is considered to be adequate.
Overall conclusions on IO.6
194. The TCI is rated as having a moderate level of effectiveness for IO.6.
Mutual Evaluation Report of the Turks and Caicos Islands
66 │
Immediate Outcome 7 (ML investigation and prosecution)
3.1.6. ML identification and investigation 195. ML activities identified, investigated and prosecuted in the TCI are not consistent with the country’s threats, risk profile, and national AML/CFT policies (see Chapter 2 - IO.1). The foregoing statement is based on the findings of the assessment team and reflected throughout this section of the report. Nevertheless, LEAs have demonstrated that they are investigating and prosecuting ML offences to some extent. The information provided by the jurisdiction shows that there have been minimal investigations and prosecutions for ML activities in the TCI during the period under review (see Table 3.9). 196. The FCU, a department within the RTCIPF is the unit that is tasked with the responsibility of investigating all types of financial crimes, ML and TF. The Unit is also charged with the responsibility of conducting some level of parallel financial investigations to identify possible ML offences and trace and identify assets following the commission of an associated predicate offences. The other investigative authorities and agencies that are responsible for the identification of potential ML cases as a result of their operations are: the FIA, IC, Customs, Immigration and departments within the RTCIPF such as the Criminal Investigation Department. Having identified potential cases of ML that may have resulted from their investigation into associated predicate offences, these agencies are required to refer these cases to the FCU for further investigations. However, there is no documented requirements and procedures such as departmental orders or MOUs for such and this is only being done on ad-hoc basis. 197. Further, the FCU does not have a formal policy for the prioritisation of ML investigations based on factors such as risk. Moreover, there is no standard procedures for monitoring the progress of ML investigations and process in place to guide the officers at the FCU to conduct investigations based on risk and complexity of ML cases. Nevertheless, the Unit has implemented a ‘Financial Investigation Plan’ which is used by investigators within the department on a case by case base to evaluate the cases. The assessment team commends the authorities for the implementation of such plan as it does provide the investigators and the Head of Department with guidance on the management of cases, including strategic and operational objectives, resources available and the structure of the investigation. 198. Upon receipt of a report by the FCU, a review is first undertaken to determine the urgency of the matter. The outcome of this review is then utilised to guide the investigative process that follows. Despite the TCI being an IFC where the likelihood that complex ML cases may occur, there was only one reported complex ML prosecution during the period under review. 199. The FCU has a staff of 3 persons who are tasked with conducting all investigation of a financial nature and ML offences. The staffing includes a senior police officer who is responsible for the overall supervision of the department and who has an extensive background and has received training in financial crimes investigation. Staff of the FCU has been exposed to some level of ML investigations training (see Table 3.13 below) and has developed some level of expertise due to their years of experience within the agency in conducting ML investigation. Nevertheless, the FCU is insufficiently staffed, lacks the relevant resources and is in need of continuous training to effectively conduct its functions. The lack of resources is clearly identified in a review of one of the samples from a completed Financial Investigation Plan. In this review the department personnel indicated ‘the organisation lacks resources, however, will be in a position to manage the investigation’. Taking into consideration factors of risk and context of the TCI, the assessment team believes that the resources (i.e. technical and human) provided to the premier agency tasked with the identification and investigation of ML offences in the TCI is
Mutual Evaluation Report of the Turks and Caicos Islands
│ 67
insufficient and hampers the effectiveness of the agency to conduct its functions. This is further compounded by the limited continuous training in the area of ML investigations. Table 3.13. Training attended by FCU Staff for the period 2014-2018.
Date Name of Training Agency/Location 12-14 November, Caribbean Gaming Forum (Improving Miami, United States of 2014 Compliance, Regulation and Cooperation) America 24-25 March, 2015 AML/CFT Compliance Conference CFATF, TCI 8-10 September, Civil Forfeiture Workshop Foreign and 2015 Commonwealth Office 6-8 October, 2015 Encase Computer Forensic 1 Guidance Software 24-26 February,2016 Civil Forfeiture Workshop Foreign and Commonwealth Office 17-18 March, 2016 Fraud Prevention Workshop US Embassy, TCI 18-19 April, 2016 Senior investigators Development Course Not provided 25 May 2016 Anti-Corruption Workshop Miami 9-20 January 2017 Financial Investigation Course RSS-ARU, Barbados 24-28 April,2017 Asset Recovery and Confiscation RSS-ARU, Barbados November- Standards Training Course CFATF, TCI December 2017 3-5 April,2018 Asset Recovery Training TCI Authorities July-August 2018 Specialist Fraud Investigation UK September, 2018 Specialist Fraud Investigation UK
200. The information presented on the table above shows that a total of 14 training courses were attended by staff at the FCU during the period 2014-2018. Although these trainings are of relevance to the work of the FCU, very few apply to the integral work of identification and investigations of ML. The authorities must nevertheless be commended for the continuous development of the FCU, despite the need for more training. 201. ML investigations and activities in the TCI are typically identified and triggered by various mechanisms including proactive and reactive measures such as, intelligence reports and investigations into complaints of predicate offences that may lead to a parallel financial investigation. 202. The largest and most complex ML investigation and prosecution in the TCI was nevertheless identified and triggered as a result of a Commission of Inquiry in 2009. The terms of reference for that commission includes, to inquire whether its information that corruption or other serious allegations of dishonesty in relation to past and elected members of the House of Assembly may have taken place and to submit its preliminary findings and recommendations. Following the conclusion of this Commission of Inquiry and the submission of the findings, a Special Prosecutor and subsequently the SIPT was appointed by the Governor to conduct the necessary investigations. The mission of the SIPT was to investigate, prosecute and recover the proceeds of crime through criminal and civil measures. The SIPT consist mainly of investigators and prosecutors from outside of the TCI with the relevant skills and expertise in investigation, managing and prosecuting the case but is supported financially by the Government of the TCI.
Mutual Evaluation Report of the Turks and Caicos Islands
68 │
203. The intelligence reports disseminated by the FIA which are derived from the operational analysis of STRs/SARs are used as the main ML indicators to elicit suspicion and in turn trigger an investigation. From the early on-set on a ML investigation by the FCU, the ODPP is contacted and consulted to provide guidance and support to the investigation. Should there be a sufficiency of evidence to prove the crime, beyond a reasonable doubt, the ODPP would make the necessary recommendation on the charges that should be preferred against the subject. The assessment team applauds the FCU and the ODPP for having such structured and proactive approach. However, the results generated from this approach thus far has resulted very little results and not commensurate with the ML risk identified in the NRA. 204. In conducting its investigation into ML and other associated predicate offences that are of a financial nature, the FCU utilised traditional methods of policing such as obtaining search warrants and obtaining statements. It also relies on requesting information from the FIA and obtaining of investigative orders such as production orders as provide for under POCO. The information provided shows that a total of 10 production orders were obtained by the FCU during the period under review (see Table 3.14 below). 205. Despite demonstrating that the FCU is conducting investigations into ML offences in light of its limited resources, the assessment team finding suggest that the department is not aggressively pursuing ML cases, taking into consideration the risk and context of the jurisdiction. This finding is arrived at due to the minimal requests for information by the FCU as the major investigator of financial crimes (see IO. 6) and the limited number of investigative orders. These lack of investigatory orders and requests for financial information also has a cascading effect on IO.8 which shows that LEAs are not aggressively targeting and identifying assets for confiscation. Table 3.14. Production Orders.
Year Amount Offence Local/Foreign MLAT/LoR offence 2014 2 Theft & ML Both No 2016 1 Fraud Local No 2017 4 Cash Smuggling, Both Yes (Outgoing MLAT in two Fraud and ML cases) 2018 3 Fraud & ML Both Yes (Incoming MLAT in one case) Total 10
206. The 10 production orders obtained by the LEAs relates primarily to the offences of fraud and ML. The information presented and reviewed by the assessment team showed that thirty percent of the orders obtained had a nexus to foreign predicate offences, with one applicable to an incoming MLAT. The information shows that the number of production orders obtained continues to fluctuate, with 2017 representing the year when most of the orders were obtained. Whilst it is commendable that LEA are utilising this investigative measure as a tool to investigate ML and other associated predicate offences, the number of orders obtained thus far is minimal, taking into consideration the risk and context of the jurisdiction.
Mutual Evaluation Report of the Turks and Caicos Islands
│ 69
3.1.7. Parallel Financial Investigations 207. Although there are no documented procedures for the conducting of parallel financial investigation, the evidence presented to the assessment team shows that ML investigations in the TCI are also identified and triggered by the conducting of parallel financial investigation. For example, when a department within the RTCIPF investigates serious offences such as drug trafficking, fraud, robbery or theft that gives rise to the suspicion of a potential ML offence, the case is referred to the FCU. The case is referred so as to enable the FCU to conduct a parallel financial investigation to determine whether a ML offence was committed, or assets can be traced and identified (see. IO.8). Despite the presentation of evidence to demonstrate the foregoing, this procedure in place is ad hoc and is not communicated to all the agencies within the RTCIPF and to all competent authorities engaged in the investigation of predicate offences. It therefore means that the likelihood exists that there are instances where a predicate offence may have been committed and no parallel financial investigations conducted, including cases that are high risk for ML such as drug trafficking as is evidenced from the table below. 208. The case below demonstrates excellent inter-agency coordination between LEAs and parallel financial investigations that resulted in the seizure of cash for possible confiscation proceedings.
BOX No. 3.4 Parallel Financial Investigation. In 2017, the Customs Department intercepted a suspected package, where they informed the Drug Squad. A search was conducted of the package and a quantity of narcotics discovered. The suspect was detained, and the matter was also referred to the FCU to conduct parallel financial investigation. The Drug Squad and the FCU executed a search warrant at the home of the suspect where another quantity of narcotics was discovered along with USD 7,000 in cash. During the search a quantity of documents which were of material value to the case was also discovered and seized by the officers. The suspect was formally charged for several offences under Drugs and Customs ordinances. The FCU formally made an application before the Court to forfeit the cash in accordance with the POCO following its financial investigations. This application and the substantive matters are currently before the Court.
209. The TCI has recorded a total of 666 prosecutions for different types of associated predicate offences during the review period (see Table 3.15 below) with approximately 48% relating to drug offences and is in keeping with the risk of drug trafficking that is identified in the NRA. The remaining 52% of prosecuted offences represents other potential proceeds generating offences, including corruption. Nevertheless, there were only 28 ML investigations initiated, with the majority being from the intelligence reports from the FIA. Further, there are very limited requests for financial intelligence and relevant information to conduct investigation or to identify, trace and confiscate assets. The foregoing shows that very little attention is given to conducting parallel financial investigations with the intention of identifying potential ML activities or to identify, trace and confiscate assets. However, should the recently implemented policy by the ODPP be utilised effectively, the possibility exist that more parallel financial investigations will be conducted. 210. Although there may be several factors that are unknown to the assessment team for such low number of ML investigations deriving from parallel financial investigations, the assessment team believes that this can be attributed to the lack of resources at the FCU and the recentness of the ODPP policy. Although the authorities indicated that these predicate offences involved minor financial gains, there is no evidence to substantiate this information. Further, there is no evidence
Mutual Evaluation Report of the Turks and Caicos Islands
70 │
that LEAs who are responsible for conducting investigations into predicate offences outside of the FCU are aware of the importance of conducting parallel financial investigations as there has been no sensitisation or training afforded to these agencies. Therefore, these agencies are not referring cases or informing the FCU at the earliest stage of an investigation into the predicate so that parallel financial investigations can be initiated. Based on the statistics presented there was significant potential for the initiation of more parallel financial investigations by the LEAs involved. Table 3.15. Court statistics for the period 2014 to March 2018 of completed matters.
Type of offence 2014 2015 2016 2017 2018 Total Murder /attempted 5 4 2 3 - 14 Firearm Related 18 14 13 22 5 72 Burglary 23 57 36 30 - 146 Theft 3 24 19 21 12 79 Drug Related 47 82 77 78 30 314 Robbery/attempted 9 4 6 5 4 28 Corruption 1 8 - 4 - 13 TOTAL 106 193 153 163 51 666
211. The ODPP having recognised the weaknesses in the investigation system and recognising that law enforcement officers outside of the FCU were solely focusing on completing investigations into predicate offences and submitting case files to the ODPP (as they are not trained to identify ML offences) implemented a policy directive to remedy this deficiency. This policy directive was issued to all prosecutors mandating that all files received from LEAs for review and direction, should be reviewed to determine whether there is a component of a financial crime, such as ML and to ensure that checks were conducted to identify assets for potential confiscation. The directive also mandated that such files are required to be copied and sent to the FCU. Although this approach is commendable and encouraged, the policy took effect from April 2018, just prior to the on-site visit, therefore, very limited outcomes were seen from the implementation of the policy, with only 1 file submitted to the FCU for ML investigations and identification of potential assets. 212. The IC is the body tasked with the investigation of the predicate offence of corruption and the ML component referred to the FCU. The staffing of the agency includes police officers who are responsible for conducting the investigations. However, neither agencies have a documented policy to facilitate this process. Cases involving corruption are forwarded directly to the ODPP who can refer such cases to the FCU to conduct a financial investigation. The IC has disseminated 2 cases to the FCU to conduct both investigations into the alleged predicate and ML offences. Although corruption is perceived as being high-risk for ML in the jurisdiction, the NRA did not consider corruption (see Chapter 2 – IO. 1). The findings of the assessment team relative to corruption are based on feedback received from competent authorities, primarily LEAs. 213. Although corruption is considered to be high-risk and has the propensity to generate significant amount of criminal proceeds, the IC is staffed by only 2 investigators and is therefore severely understaffed to effectively execute its mandate. The staff of the IC have attended a training event relative to AML/CFT in 2016 and the CFATF Pre-Assessment training that was held in October 2017 in preparation of the on-site visit. There is no indication that the investigators at the IC are exposed or have attended any training that are pertinent to their functions. The table
Mutual Evaluation Report of the Turks and Caicos Islands
│ 71
below represents the number of complaints received, investigations commenced, enquiries conducted, and prosecution obtained by the IC.
Table 3.16. Activities undertaken by the IC.
Year Number of Number of Enquiries Prosecutions Complaints investigations conducted commenced 2014 30 15 3 2 2015 30 10 3 3 2016 40 5 3 3 2017 45 14 4 6 2018 (up to on- 52 17 6 6 site visit Total 197 61 19 20
214. The table above shows that the IC continues to do more with the limited resources at its disposal. Although the number of prosecutions in comparison the number of complaints received and investigations conducted is significantly low, prosecutions for corruption continue to rise over the years. The assessment team nevertheless understands that not all complaints will result in a prosecution. The information also shows that the number of complaints and investigations continue to increase and correlates with the information given to the assessment team that corruption represents a risk to the jurisdiction. The information presented to the assessment team justify the need to strengthen the IC to address the growing complaints it received annually. Despite the work undertaken by the IC with its limited resources, the information demonstrate that not enough cases are being referred to the FCU by the IC as only 2 of 197 cases received have been forwarded thus far, despite the fact that corruption has the propensity to generate significant amount of proceeds. 215. The information shows that there are approximately 20 active investigations and approximately 52 complaints, with 31 corresponding investigations for the year 2017 that were being undertaken by the IC. The IC has no formal prioritisation policy for the allocation of investigations on the basis of risk and/or public interest, etc. However, the allocation of files to investigators are at the discretion of the Director and is generally based on criteria such as, the nature and urgency of the case, potential threat and whether there is risk of losing evidence. 216. Priority is sometimes given to a case on the basis of the individual or organisation that is submitting the report. For example, a report from a politician or other prominent person. Nevertheless, it is not clear as to how these criteria are cumulatively considered for prioritisation. There is also no clear and structured case management process for investigations within the IC. 217. Overall, LEAs lack the capacity to effectively pursue ML investigations, including complex cases due to the staffing limitations, lack of training and resources that are available at their disposal. Specialists, such as forensic accountants, who can render assistance to LEAs, specifically the FCU are not available to ensure that investigations are conducted in an efficient and proper manner. The training and expertise available to LEAs needs to be bolstered, especially in complex ML cases that may involve voluminous material with multiple levels of laundering. Despite the challenges that exist within the systems, the ODPP has demonstrated its willingness to play an integral role in the advancement of ML matters and has been involved at the earliest stage of the investigation to render guidance until the conclusion of the matter (whether the matter
Mutual Evaluation Report of the Turks and Caicos Islands
72 │
was prosecuted or not). Besides the provision of guidance, the ODPP advised on the possible charges to be laid based on the evidence obtained. 218. Upon referrals of cases to the FCU, the investigators will investigate both predicate and ML matters. However, if for some reason a matter is referred to the Unit to proceed with any other proceedings under POCO, the FCU would closely work with the referring department to advance that proceeding. Regarding these parallel investigations, there is structured approach between the FCU and the referring agency to manage and progress the investigations. However, no evidence was provided to demonstrate such. 219. As reflected on Table 3.17 below, the FCU initiated a total of 28 ML investigations, 25 of which had input from the FIA, 10 of which have resulted in prosecutions of natural persons. 10 of the 28 investigations that were initiated, were discontinued, while 8 matters remain ongoing. These 10 matters were discontinued as a result of a lack of evidence or due to the insignificant nature of the criminal property involved to proceed with ML charges. An example of one such case, the criminal property constituted old computers, the matter was referred to the ODPP for advice, who indicated that there was not sufficient evidence to proceed to trial with the case. The assessment team considers that the competent authorities are more reactive in conducting ML investigations and are not actively targeting legal persons who are suspected of ML or complex ML schemes during the course of investigations. Table 3.17. ML Statistics 2014-March 2018.
Year No. of Number of Type of Investigation Investigation Investigations Prosecutions Case Pending closed 2014 11 1 - 2 3 2015 7 8 Standalone 1 4 2016 2 1 Standalone - - 2017 2 - Third party/ 4 9 Proceeds from foreign predicate offences Jan 1- 6 1 - 2 3 Sept 21, 2018 Total 28 11 9 19
220. The information presented on the table shows that the FCU conducted a total of 28 ML investigations, 11 of which resulted in prosecutions. Most of the cases relate stand-alone ML offences and the remaining 2 connected to third-party ML and suspected ML activity that had occurred in the jurisdiction from the suspected commission of a foreign predicate offence. The information presented to the assessment team shows that the FCU conducted most of the investigations in 2014, with the figures continuously declining between 2015 and 2017. The information presented shows that despite the small number of investigations, the agency has recorded a 55% prosecutorial rate. Despite evidence of investigations being undertaken and cases being prosecuted in the TCI, the information presented demonstrates that ML identification, investigations and prosecutions are not commensurate with the ML risk associated with the jurisdiction and the findings in the NRA. This deficiency may be due to the lack of resources and continuous training that is available to the FCU.
Mutual Evaluation Report of the Turks and Caicos Islands
│ 73
3.1.8. Consistency of ML investigations and prosecutions with threats and risk profile, and national AML policies 221. The ODPP is the competent authority that is charged with the responsibility of prosecuting all criminal offences, including ML in the TCI. The department is staffed by a team of 10 prosecutors including a Director and a Deputy. The ODPP views ML as a serious offence. In an effort to ensure that ML offences are properly identified, investigated and prosecuted, a written policy by the ODPP was implemented just prior to the on-site visit. To further demonstrate its commitment, the policy mandated that 2 of its most senior prosecutors, including the Deputy DPP, be assigned to ML cases. This policy, like several others related to ML within the ODPP were implemented just prior to the on-site visit and has not resulted in any tangible outcomes. Nevertheless, the effort is commendable and should generate more outcomes should it be properly followed. The staff at the ODPP has undergone several training courses, including 1 on AML/CFT. ‘Mock trials’ relative to ML are also conducted. There is nevertheless a need for more detail and continuous training in the area of prosecuting ML cases, especially those that may be complex in nature. 222. The types of ML activities investigated and prosecuted in the TCI are not consistent with the country’s threats, risk profile, and national AML/CFT policies (see Chapter 2 - IO.1 and Table 3.17). The assessment team’s finding is based on the limited number of investigations and prosecutions conducted and obtained for the different types of ML activities in the TCI during the period under review (see figures in Table 3.17) which is not commensurate with the ML/TF risk assessment conducted by the jurisdiction. Further, the TCI is geographically close to the USA, The Bahamas, Haiti, Jamaica and the Dominican Republic and its archipelagic nature makes the Islands accessible by sea and air and susceptible to all types of illegal activity, including the movement of criminal proceeds, with no investigations and prosecution for ML that have a nexus to these activities. 223. TCI’s NRA explicitly states that the greater threat to the TCI is seen to be predicate offences committed internationally, with the funds deriving from these offences flowing through or remaining in the country. However, there has been no prosecutions for ML offences that are linked to foreign predicates during the review period. There has been only 1 conviction of ML offence in the TCI that involves foreign predicate, but this conviction occurred prior to 2014 (outside of the period under review). Nevertheless, some efforts are made by the authorities primarily the FIA to share the information with their foreign counterparts when the proceeds of crime are suspected to have been derived from criminal conduct abroad and located in the TCI (see Chapter 8 – IO.2). 224. The FIA has spontaneously disseminated information to their foreign counterpart including Trinidad and Tobago, Canada and the USA relative to suspected criminal proceeds that may have been in that island. The RTCIPF has demonstrated though to a limited extent that some focus is also given to foreign predicate offences and has disclosed information to their foreign counterparts relative to proceeds located in the TCI that may have derived from criminal conduct located abroad. 225. The case below, although not prosecuted in the TCI, shows that LEAs are giving some level of focus to proceeds from foreign predicate offence. Nevertheless, the investigations and prosecutions of these types of cases are not commensurate with the identified ML risk as identified in the NRA and context of the jurisdiction (see Chapter 2 – IO.1), where the ML threat within the TCI is considered to be greater from international sources rather than domestic. Further, the assessment team is not certain whether the evidence obtained from incoming MLA requests has been examined to determine whether any relevant intelligence or evidence may be harvested for the purpose of identifying and prosecuting ML offences linked to foreign predicates.
Mutual Evaluation Report of the Turks and Caicos Islands
74 │
BOX No. 3.5. Identification of proceeds from foreign predicate offences Police Partnership reaps reward
An information sharing partnership between the TCI and the US Police resulted in the TCI officials receiving the sum of nearly USD 280,000 based on information that was shared by the RTCIPF and the FBI. The case involved securities fraud that was conducted by the New York Division of the US Embassy. The ML case originated in 2001 and involved a national of the United States of America who was on bail for an offence for utilising a company to commit fraud via stock. The subject was arrested by the FBI in the United States of America and with the assistance of their foreign counterparts in the TCI were able to confirm the existence of the proceeds of crime brokerage account located in the TCI.
Source: Turks and Caicos Weekly newspaper - Date February 23, 2014
226. Despite the TCI being an IFC where a significant number of legal persons and arrangements are incorporated and operationalised, LEAs and prosecutors are not aggressively identifying and prosecuting cases that involve them. The lack of investigations and prosecutions of such cases is not commensurate with the risk and context of the jurisdiction. The weakness in the capacity of LEAs and investigative authorities to properly identify ML cases that have a nexus foreign predicate offence and those that are complex in nature or are connected to legal persons and arrangement is a concern to the assessment team and represent a weakness in the investigative regime.
3.1.9. Types of ML cases pursued 227. The table below illustrates the types of ML cases that have been and that are currently before the Court. The number ML prosecutions currently before the Court amounts to 1830. The information shows that most of the charges were brought in 2014 and there has been a decline in the amount of charges, from 10 in 2014 to 1 in 2018. The reason(s) for such decline was not communicated to the assessment team. The information presented to the team also shows that most of the charges that were preferred against defendants relates to possession of criminal property and acquiring criminal property. Table 3.18. ML Charges laid during 2014 – March 2018.
Type of ML offence 2014 2015 2016 2017 2018 Conspiracy to launder criminal proceeds 1 - - - - Concealing criminal property 1 1 - - - Possession of criminal property - 3 1 - - Conspiracy to disguise the proceeds of crime 1 - - - - Entering into or becoming concerned in an ML arrangement 1 - - - -
Converting or transferring the proceeds of criminal conduct 1 - - - - Using the proceeds of crime 1 - - - - Acquisition use of criminal property 1 - - - - Use criminal property - - - - 1 Acquiring criminal property 3 - 1 1 - TOTAL 10 4 2 1 1
30 The number of individuals charged has not been provided by the TCI.
Mutual Evaluation Report of the Turks and Caicos Islands
│ 75
228. There were 18 prosecutions for ML offences and these cases are still pending before the Court. There have been at least 6 prosecutions of standalone offences. There are currently 5 ML investigations and an on-going trial involving 8 defendants, whose charges include stand-alone offences and third-party laundering. Thus far, only natural persons have been prosecuted for ML, there has been no prosecution of legal persons, despite the jurisdiction being an IFC. 229. The case currently being prosecuted by the SIPT represents the single largest ML case within the TCI. This case involves substantial volumes of financial transactions, multiple jurisdiction, complex financial schemes, Attorneys, PEPs and the use of legal persons. The case represents one of significance to the assessment team, taking into consideration contextual factors such as the size of the jurisdiction and its population. The case was as a result of a Commission of Inquiry that took place in 2009. Several high-level officials within senior levels of the past government were charged for offences of corruption and other predicate offences along with ML. The investigation lasted for over two years and involved more than two dozen specialist corruption, fraud and financial investigators (including forensic, data and financial analysts). The case also includes an extradition request. The complexity of the case resulted in a lengthy investigation and prosecution. 230. The individuals in this case include a former Premier and several of his Ministers, Attorneys at law and high-profile investors. A total of 13 persons were charged, 11 of whom are currently facing trial for various offences including ML. 5 of the 11 defendants facing charges are PEPs. 231. Table 3.19 represents the number indictments for ML and other associated predicate offences against the individuals. 11 of the charges resulting from this investigation are related to ML. The assessment team believes that this case has a significant impact on the jurisdiction’s AML/CFT regime taking into consideration the defendants involved and complexity of the matter. The TCI authorities have demonstrated that they can seek the assistance to the UK to conduct complex ML cases investigations and prosecutions when the jurisdiction is unable to undertake such. 232. The assessment team gave significant amount weighting to this prosecution, taking into consideration the size of the TCI and its population along with the impact of this case on its political, economic and AML/CFT landscape. However, the deficiencies that exist with the current investigatory regime and highlighted throughout the different core issues of IO.7 outweighs this case. Therefore, the assessment team gave more weight to the overall ML/TF investigation and prosecution regime and risk and context of the jurisdiction over this single yet large and complex case. Further, this trial emanated from a single ML case for offences which occurred and charges that were brought outside of the reporting period. The table below shows the types of offences and the number of charges resulting from this case.
Table 3.19. Prosecution resulting from the SIPT ML and associated predicate offence case.
Name of Offence Counts Conspiracy to receive bribes 1 Conspiracy to defraud 4 Conspiracy to disguise the proceeds of crime (ML offence) 1 Conspiracy to conceal or transfer for the proceeds of crime (ML offence) 3 Entering into or becoming concern with a ML arrangement (ML offence) 2
Mutual Evaluation Report of the Turks and Caicos Islands
76 │
Converting and transferring the proceeds of crime (ML offence 3 Acquiring the proceeds of crime (ML offence) 1 Using the proceeds of crime (ML offence) 1 Conspiracy to pervert the course of justice. 1 Total 17
3.1.10. Effectiveness, proportionality and dissuasiveness of sanctions 233. The criminal penalties for ML ranges from a 14-year term of imprisonment and an unlimited fine as outlined in the POCO (see R.3 - TC Annex). Sanctions for ML activities, just like any other criminal offences are at the discretion of the judiciary who is required to follow sentencing guidelines. These sentencing guidelines are based on those developed by the Courts in the UK. Some of the factors taken into consideration by the Court during sentencing includes; seriousness of the crime, previous records, mitigating factors presented to the court, age of the defendant and guilty pleas. In addition to imprisonment and fines, the Court also has the option of compensation when victims are involved. The data provided by the ODPP and the judiciary shows that there were no repeat offenders for ML offences and therefore suggest that the sentences applied by the Court may have been dissuasive. 234. The Table below shows that the average sentence imposed by the Court for ML offences ranged from a fine or a term of imprisonment not exceeding 12 months. For first time offenders in the TCI, they are rarely sentenced to a term of imprisonment and normally given a financial penalty. Failure to comply with such financial penalty within the specific timeline, would result in default sentence.
Table 3.20. Penalties imposed for ML Offences between the Period 201331- March 2018.
Type of Offences Up to 1 year 1-3 years 3-5 years 5-7 years Conceals, disguise, convert, transfer, 6 - - - remove criminal property Acquiring, Use, Possession criminal 5 - - - property Money Laundering - - - 1 Conspiracy to Launder 1 - - - TOTAL 12 0 0 1
235. The case example below shows the penalty that was imposed by the Court in the TCI for a ML offence. The case also represents a simple ML scheme. Based on this case example, the statistical data outlined in Table 3.19 and the Courts’ obligation to adhere to sentencing guidelines, the assessment team is of the view that sanctions applied against natural persons are also proportionate. There were no convictions against legal persons for ML offences during the period
31 The review period is from the year 2014 up to the on-site visit. TCI did not provide information which pertain to the review period.
Mutual Evaluation Report of the Turks and Caicos Islands
│ 77
therefore the assessors could not comment on the effectiveness, proportionality and dissuasiveness relative to legal persons.
BOX No. 3.6. Penalty for ML. Regina v Christopher Forbes A family home was broken into by masked men and a quality of items were stolen including a Rolex watch and iPad. The matter was reported, and the police conducted their investigation that led the arrest and questioning. The suspect under caution indicated that he purchased the watch and the iPad but had sold same in The Bahamas at a car wash having travelled there for vacation. The suspect was charged for the ML offences of possession of criminal property and was found guilty. The Court imposed a penalty of USD 5,000 with a default imprisonment. The accused failed to pay the fine and was sentenced to a term of 120 days imprisonment.
3.1.11. Use of alternative measures 236. Measures such as civil recovery and cash forfeiture are available to competent authorities when it is not possible to obtain a prosecution and conviction for ML offences due to insufficient evidence. Competent authorities have also indicated that it is more effective to prefer charges for predicate offences, on the basis of the evidence presented and the likelihood of a successful prosecution. For example, a defendant was charged with using criminal property and theft. The case was considered for possible ML, however, following a thorough review of the evidence, taking into consideration case law in the UK on similar cases and the UK Crown Prosecution Service Guidelines, the authorities deemed it was not prudent to prosecute for ML due to insufficient evidence to prove such case. 237. Competent authorities have utilised civil recovery proceedings (see IO. 8) where it is not possible to prosecute offenders for ML. In one specific case it was not possible to prosecute the offender for ML in the TCI as he was, serving a sentence in Canada for similar offences. The matter was referred to the AGC who is the civil recovery authority, based on the belief that the assets represents proceeds of crime. This matter was instituted in 2018 and is ongoing. A parcel of land and funds in a bank account was restrained in 2018, as a first step in the proceedings. Similar proceedings such as civil recovery was also conducted by the TCI authorities prior to the period under review (2013) and 1 case in January 2014 in the amount of USD 100,000.00 based on investigations resulting from the Commission of Inquiry.
Overall conclusions on IO.7 238. The TCI has achieved a low level of effectiveness for IO.7.
Mutual Evaluation Report of the Turks and Caicos Islands
78 │
Immediate Outcome 8 (Confiscation)
3.1.12. Confiscation of proceeds, instrumentalities and property of equivalent value as a policy objective 239. The policy document dated April 16th, 2018 and implemented by the ODPP is also meant to ensure that assets representing the proceeds of crime or property of corresponding value are identified and traced for the purpose of confiscation. Although the action of drafting and implementing the policy is commendable, there were no outcomes from this document as at the completion of the on-site visit. LEAs, the ODPP and the AGC, are the main agencies responsible for identification and the recovery of the suspected proceeds of crime. These competent authorities are guided by the provision within the POCO relative to confiscating the proceeds, instrumentalities and property of equivalent value including through civil recovery proceedings. 240. The legal framework and procedures to restrain, freeze, detain and confiscate criminal proceeds are adequately provided for under the POCO (see R.4 and R.32- TC Annex) and is very robust in nature. The law provides for confiscation and civil recovery orders to be made in relation to the proceeds of crime, instrumentalities and property of equivalent value. The provisions represent the fundamental pillars that are necessary for confiscation. The use of civil recovery also represents an excellent alternative for competent authorities in cases where there is an insufficiency of evidence for a criminal proceeding or in circumstances where defendant was acquitted and there is reasonable ground to suspect that the property was derived from criminal conduct. 241. For the purpose of this report, civil recovery is included in the definition of confiscation. Despite the legal framework being robust, competent authorities are not effectively utilising the legislation to recover the proceeds of crimes or property of equivalent value, and confiscation was not being pursued as a policy objective. The assessment team arrived at this finding due to the very limited confiscation results. Nevertheless, the authorities are utilising the civil recovery provisions to restraint the proceeds of crime, especially when requested to do so on the behalf foreign counterparts, which is commendable.
3.1.13. Restraint Orders/ Freezing Orders 242. For the purpose of this report, freezing orders32 and restraint orders are treated as one. In an effort to ensure that proceeds of crime and assets suspected to have derived from criminal conduct or intended for criminal activities that were identified are not dissipated and are available to satisfy confiscation (post-conviction) or a civil recovery order, the DPP and the AGC have the power to apply for restraint orders and freezing orders respectively. In an effort to identify and trace assets that can be subject for restraint, the FCU is the major LEA tasked with this responsibility. Although the FCU has been provided with some level of training in the area of asset recovery, the findings are that FCU remained under-resourced to effectively conduct these functions and lacks in-depth training (see Table 3.12) in confiscation and other provisional measures. There is very limited evidence to show that the FCU and other LEAs are aggressively identifying and tracing assets for confiscation. The information provided to the assessment team shows that a total of 6 restraint orders were applied for by competent authorities and granted by the Courts during the period 2014-2018 (see Table 3.20). Most of the restraint orders that were obtained by the jurisdiction were as a result of MLA requests from their foreign counterparts.
32 Freezing Orders are applicable in cases of civil recovery whilst restraint orders are applicable in cases of confiscation.
Mutual Evaluation Report of the Turks and Caicos Islands
│ 79
Table 3.21. Restraint Orders obtained by the TCI.
Year Amount Types of assets Estimated Value of Status (Active/ Discharged) restrained assets restrained
2014 2 Unknown - - 2015 - - - - 2016 - - - - 2017 2 Unknown - - 2018 2 Cash and Properties USD 661,777.24 / Active 19.4 acres of land and a parcel of land
Total 6
243. The information on the table shows that minimal restraint orders were obtained by the authorities in the TCI and the results are not consistent with the ML risk of the jurisdiction. Further, there is no indication that the various LEAs and competent authorities are proactively engaged in the identification of assets for confiscation, despite the willingness that is shown by the ODPP and the AGC to make the necessary applications for restraint and confiscation orders. The assessment team findings are based on the information provided that shows most of the restraints were based on MLA requests and intelligence received primarily from the USA and Canada. The findings are also based on the number of predicate offences that have been reported and prosecuted in the TCI (see Table 3.11), and the lack of enquiries to the FIA and reporting entities by LEAs and other authorities with the intention of obtaining financial intelligence and relevant information to trace and identify assets that is necessary for confiscation. As a result of the lack of identification and tracing of assets, both in the jurisdiction and abroad, there is very minimal confiscation proceedings. 244. In 2018, the TCI authorities further obtained 2 orders involving 2 separate matters. The first was by way of a civil recovery action and was based on intelligence received by the TCI authorities from their Canadian counterpart. The amount restrained amounted to USD 494,531.74, along with one parcel of land. This case is currently pending before the Court. The second application was made on behalf of the US authorities and resulted in the total amount of USD 167,245.20 being restrained along with one parcel of land measuring total 19.4 acres. The status of this case is unknown to the assessment team as no information was provided to demonstrate that these funds were eventually confiscated. These cases and other previously mentioned demonstrate the efforts of the TCI authorities to restrain and forfeit the proceeds of crime that are located in the jurisdiction as a result of the commission or suspected commission of predicate offence in another jurisdiction. However, as indicated previously, most of these cases are predicated on requests made by their foreign counterparts and not on the basis of the TCI authorities proactively identifying and tracing and confiscating the proceeds from foreign predicate. 245. The case below represents one33 whereby proactive investigations conducted by the FCU and other competent authorities identified properties in the TCI. The AGC was notified and
33 The assessment team was informed that TCI authorities in 2013 obtained 2 restraints of USD 11,000,000 and USD 594,346 as a result of an MLA request received from the USA. However, no information was provided to demonstrate that these funds were eventually confiscated, and both restraint orders fall outside the period under review.
Mutual Evaluation Report of the Turks and Caicos Islands
80 │
requested to restrain those properties. In this case, through the use of international cooperation, the TCI authorities also obtained vital information from their Canadian counterparts.
BOX No. 3.7. Case example - Restraint Order- Civil Recovery Case
The FCU received an intelligence report from the FIA in April 2014 in respect of Mr. X and commenced an investigation. It was subsequently discovered that Mr. X was charged by the Canadian authorities with possession for the purpose of trafficking. Investigations conducted by FCU revealed that Mr. X had substantial amount of assets located in the TCI, including a company that was being managed on his behalf, a trust account and real estate, etc. Canadian authorities were informed of the assets located in the jurisdiction which were suspected to derived from criminal conduct. The feedback received from the Canadian officials indicated that they were not interested in confiscation proceedings against Mr. X. In September 2014, the FCU wrote a report to the AGC and recommended that the assets be subject to civil recovery proceedings. An application for a restraint order was filed before the court in accordance with the POCO and granted. The assets restrained involved: (i)Trust account with the sum of USD 214,006.58 (as of 2016); (ii)Debentures issued by the owner beneficially through a company to another company in the amount of USD 100,000; (iii) Debentures issued by the owner beneficially through a company to another company in the amount of USD 180,525.16 and (iv) Lands. The matter is pending before the Court in the TCI.
246. A significant amount of the restraint and confiscation orders obtained was largely based upon requests from foreign counterparts and is consistent with the findings in the NRA, that proceeds from foreign predicate offences represents a threat to the jurisdiction. Nevertheless, the amount of restraint orders that were obtained are minimal taking into consideration the factors of ML risk and context. Further, the confiscation process is reactive in nature as it largely based on requests received. This conclusion is based on the findings set out in Chapter 8 - IO. 2 of the report and limited requests and spontaneous sharing of information to identify assets by competent authorities involved in the process. 247. The total value of assets restrained as a result of the SIPT trial is unknown. Nevertheless, monies amounting to just over USD 1.3 Million representing the pensions of individuals charged in this case were restrained. TCI authorities did not provide any information and evidence as to when these amounts were restrained. Therefore, the assessment team is unsure as to whether these amounts were restrained during the period under review. Although, the amounts were referenced to provide some context as to the work being undertaken by the TCI to restrain assets, they were not considered by the assessment team in arriving at the ratings for the immediate outcome and the assessment team’s findings. 248. The ODPP and the AGC are two very important competent authorities in the recovery of suspected proceeds of crimes and properties of equivalent value mainly through the application for the relevant orders to restraint assets. All Crown Counsels within the AGC have benefitted from confiscation and civil recovery trainings in 2013 and 2017 respectively. Despite the ODPP receiving some level of AML/CFT training, there is no indication that the department has received training relative to confiscation34. The lack of training for these agencies especially the ODPP, has the possibility to negatively impact these agencies’ abilities to recover the proceeds of crimes.
34 Effective April 1st, 2019 the ODPP benefited from a 1-month Exchange Program from the Secretariat of the Commonwealth where one Prosecutor is visiting TCI’s office and has commenced providing training in house to the staff in the areas of financial crimes, fraud, ML cases prosecutions, confiscations, freezing orders and the recovery of the proceeds of crime.
Mutual Evaluation Report of the Turks and Caicos Islands
│ 81
3.1.14. Confiscation of proceeds from foreign and domestic predicates, and process located abroad.
(a) Confiscations from Domestic Predicates
249. The TCI authorities have confiscated the sum USD 969.00 that has a nexus to a domestic predicate offence during the review period. This forfeiture was obtained under the Control of Drug Ordinance. Properties namely vessels were also seized and confiscated as a result of contravention to the Fisheries Protection Ordinance. The information presented and reflected on the table below shows a total of 45 vessels and dinghies were confiscated during the period under review. Although the information is referenced in the report, no information was provided by the jurisdiction as to whether the offences that were committed are predicate to ML. 250. During the period under review, the TCI authorities obtained an enforcement order from the Court for a parcel of land that was sold in the amount of USD 575,000.00. The authorities also received the sum of USD 200,000.00 for another property that was realised. Therefore, the total amount of assets realised USD 775,969.00 as a result of the commission of predicate offences domestically.
Table 3.22. Number of forfeitures by the Fisheries authorities.
Year Total number of Items forfeited Realisable Value Forfeitures (amounts in USD). 2014 3 Vessels Vessels not sold 2015 15 Ten-14 ft boats including 18,718 compressors 2016 5 Vessels Items not sold 2017 22 Vessel containing eighteen 40,000 ‘dingy’ vessels.
Fifteen-14 ft boats including compressors 16,996
251. The information presented on the table above shows that a total of 45 forfeitures occurred under the Fisheries Ordinance. The amount realised from these forfeitures amounted to USD 75,714 and represents a considerable amount under this provision. 252. The assessment team believes that lack of confiscation relative to proceeds from domestic predicate offences is due to the fact that LEAs are not identifying and tracing assets following the commission of the offences, hence the rationale for the creation and implementation of the ODPP policy. These findings are based on the lack of requests for financial intelligence and relevant information by LEAs (see IO.6) in comparison to the number of prosecutions and convictions for domestic predicate offences. The limited accessing and use of financial intelligence and relevant information therefore has a cascading effect on this immediate outcome. 253. A total of just over USD 14.72 million was recovered from individuals as a result of the SIPT trial. Most of these monies with the exception of USD 100,000 (2014) were recovered outside of the period under review. The total amount represents the work that has been taken thus far to recover the suspected proceed of criminal conduct in this case and does provide some
Mutual Evaluation Report of the Turks and Caicos Islands
82 │
context and background as to the good work undertaken to recover criminal proceeds in the past. However, outside of the amount recovered during the period under the review, the amount does not have any impact on the weighting on the rating assigned to the immediate outcome.
(b) Confiscations, repatriation and sharing of proceeds derived from foreign predicates offences
254. The TCI has demonstrated some level of commitment to identifying, restraining, confiscating and repatriating the proceeds of crime that may have derived from the commission of foreign predicate offences and located in the TCI, largely on the basis of requests from foreign counterparts. However, LEAs are not proactive in their identification in assets that may have derived from the commission of a foreign predicate offence, as these confiscations are largely based on requests or information received from foreign counterparts. Taking into consideration the LEAs’ weaknesses in identifying and targeting ML cases that may have derived from foreign predicate offences or utilising financial intelligence and relevant information (see IO.6 and IO.7), there is a cascading effect on this immediate outcome.
Table 3.23. Assets restrained, confiscated and repatriated based on request from foreign counterparts (amounts in USD).
Date Amount Amount Amount Jurisdiction Restrained Confiscated Repatriated 2014 700,000 700,000 420,379.6835 USA 2015 998,530.93 998,530.93 998,530.93 USA & UK 2016 - - - - 2017 - - - - 2018 167,245.20 - - USA 494, 531.74 CANADA TOTAL 2,360,307.87 1,698,530.93 1,418,910.61
255. The table above shows that a total of just over USD 2.3 million suspected to have derived from the commission of foreign predicate offences were restrained by the TCI authorities, with approximately 71% or just over USD 1.6 million of that amount confiscated. The successful conversion from restraint to confiscation is commendable and shows that there are no impediments within the confiscation process in the TCI. All confiscation results were obtained in a timely manner. Competent authorities, including LEAs continue to benefit from assets confiscated as a result of the assistance rendered. Eighty-three percent of the assets confiscated by the TCI authorities on behalf of foreign counterparts were repatriated and demonstrates the viable asset sharing mechanism along with a willingness to repatriate assets, including to victims. Canada, USA and the UK were the jurisdictions from which these proceeds were derived. Despite the commendable actions in this area, the amount of assets identified, traced, restrained and confiscated is not consistent with the risk profile of the country and the findings of the NRA.
35 The amount repatriated was less following the US Officials sharing of USD 279,620.32 with TCI Officials.
Mutual Evaluation Report of the Turks and Caicos Islands
│ 83
256. The case examples below represent some of the cases where competent authorities in the TCI assisted their foreign counterparts utilising restraint and confiscation provisions to recover the proceeds of crime.
BOX No. 3.8. Case example
In 2014, the TCI assisted their US counterparts in a matter where the defendant pled guilty to his role in a post- 9/11 scheme to exploit the country’s fears of anthrax attacks for the purpose of manipulating the stock price of a publicly traded company. The defendant had the funds placed in a local brokerage account and the TCI authorities were able to get the funds restrained, and later repatriated to the USA. The total sum restrained was nearly USD 700,000. Asset sharing agreement between the 2 countries resulted in USD 279,620.32 of the amount confiscated being shared with the TCI authorities.
BOX No. 3.9. Case example
In 2015, the US submitted an MLA request under the Mutual Legal Assistance Treaty in relation to criminal matters between the UK and the USA, and which is also extended to the TCI. The TCI was successful in its application to restrain USD 998,530.93 on the behalf of the US Officials. A final forfeiture order was made at the completion of this matter and the monies were repatriated to the US. The TCI authorities in this matter have proposed an asset sharing arrangement with their US counterparts which would result in TCI receiving part of the forfeited amount. However, the request is still being processed.
(c) Confiscation of Proceeds which have been moved to other countries
257. There are very limited circumstances where the TCI authorities have identified, and traced proceeds of crime that were moved to other countries as a result of the commission of a criminal offence in the TCI. Nevertheless, this may not necessarily be as a result of no such cases in the jurisdiction but based on deficiencies in LEAs’ resources and abilities in identifying and tracing those assets. The ML and associated predicate offences case currently under the remit of the SIPT did nevertheless show those investigators and prosecutors taking the necessary steps to identify and trace assets that were possibly located abroad. The authorities have indicated that because this matter is currently before the court and due its sensitivity the measures taken to recover and repatriate these assets could not be disclosed but assured the assessment team that the appropriate action is being taken. 258. A case example provided demonstrate where the authorities identified, and traced assets located abroad. However, this case falls outside of the period under consideration and does not have an impact on the weighting on the report. The case occurred in 2010 and involved a Jamaican national prosecuted in the TCI for fraud and ML offences. An application for confiscation was made in 2012 following this individual’s conviction and included the sum of USD 8,100,000.00 which was located outside of the jurisdiction. In this case, the TCI was made aware by the relevant authorities that funds in relation to this matter have recently been identified. Although the confiscation hearing concluded outside of the period under consideration, in 2017 the authorities made an application to the Court to appoint a Trustee to manage and dispose of the assets.
3.1.15. Confiscation of falsely or undeclared cross-border transaction of currency/BNI 259. The TCI has a declaration system in place that requires travellers entering and leaving the islands to declare any amount of cash or BNIs with a value over USD 10,000. Travellers are required to complete a customs declaration form and submit same to the customs officials (see
Mutual Evaluation Report of the Turks and Caicos Islands
84 │
R.32 – TC Annex). Despite the jurisdiction having the regime in place and identified risk of the cross-border movement of cash in the NRA (see Chapter 2 - IO.1), neither the customs department or any of the other LEAs have seized or detained any cash or BNIs that were undeclared or suspected to represent the proceeds of crime during the review period. Customs officers have attended 2 training courses focusing on anti-fraud and financial crimes conference, a post conference workshop in 2015 and a one-day workshop on TF which was subsequent to the conducting of the on-site visit. 260. The assessment team attributes the lack of seizures and detentions of cash and BNI by customs and other border security agencies to the lack of training and awareness of their AML/CFT functions. Customs officials have also received very limited training regarding the cross-border movement of cash and BNIs and are also under-resourced (technical and human) to effectively conduct their functions. 261. There is one case that is currently engaging the authorities in the jurisdiction regarding the suspected physical cross border movement of cash that were suspected of being smuggled into the country and not declared. This matter is currently under investigations and the details of the investigation are therefore not published in the report. Nevertheless, this one seizure does not negate the potential threat the jurisdiction faces relative to the cross-border movement of cash and BNIs. 262. The table below represents the declaration of cash and BNIs by passengers to Customs Department in the TCI. The investigations into these declarations did not reveal anything of a criminal nature and the monies were therefore not seized. Table 3.24. Declarations received by the FIA from the Customs Department in 2018 (between 12th February 2018 - 21st September 2018).
Declarations Feb-Mar April-June July-September Inbound 4 2 - Outbound 1 2 - Total 5 4 -
3.1.16. Consistency of confiscation results with ML/TF risks and national AML/CFT policies and priorities 263. Although competent authorities have demonstrated that they are confiscating and repatriating criminal proceeds, specifically in circumstances when a request is made by foreign jurisdiction, the overall confiscation results as of the completion of the on-site visit is not commensurate or consistent with the jurisdiction’s level of ML risk (see Chapter 2 - IO.1) and its national AML/CFT policies. Further, the recently instituted policy by the ODPP has not resulted in any tangible outcomes. The lack of confiscation and other provisional measures, such as restraint, may be as a result of a combination of several factors, including, weaknesses in the LEAs’ ability to properly identify, trace assets and lack of training and awareness in this area. As a result of the lack of seizure of assets, there have been very limited confiscation proceedings that were initiated by the competent authorities outside of those that involved requests by their foreign counterparts. 264. Regarding assets and funds that may have a nexus to TF, confiscation results seem to reflect the TF risk as identified in the NRA (see Chapter 2 - IO. 1 and Chapter 4 - IO. 9). However, there is a concern that some FIs are not sufficiently trained to identify and report such offences and
Mutual Evaluation Report of the Turks and Caicos Islands
│ 85
some competent authorities lacked the relevant training to investigate such offences and confiscate the funds or other property linked to terrorism.
Overall conclusions on IO.8 265. The TCI has achieved a low level of effectiveness for IO.8.
Mutual Evaluation Report of the Turks and Caicos Islands
86 │
4. TERRORIST FINANCING AND FINANCING OF PROLIFERATION
Key Findings and Recommended Actions
Key Findings Terrorism financing investigation and prosecution – TF offence (Immediate Outcome 9)
a) TF was assessed as low in the NRA; however, the assessment did not consider that legal or illicit money (over the USD 10,000 threshold) may be passing through the jurisdiction unknown to Customs authorities due to a lack of a regime for making declarations of outbound cash. This is a weakness in the methodology to determine the jurisdiction’s TF risk. b) There has been limited training in TF detection, investigation and prosecution for officers of the FIA, FCU and ODPP. Customs officers have not been trained in TF detection. Accordingly, there is no personnel in the foregoing departments with specialist training in TF36. c) Whilst the detection and investigation of TF is not dependent on the filing of an STR/SAR, there is no established or written coordinated strategic approach by the FCU to counter TF within the TCI. d) Declarations of inbound and outbound cash are not forwarded to the FIA in a timely manner and this can have an effect on the timely analysis of the information and subsequent dissemination of any information on TF to the FCU. e) While there is a National Strategy and Action Plan, the investigation of TF is not integrated within these documents. f) The MOU between the BOTs allow for the exchange of experts for TF purposes, as TF which is a serious crime in the TCI falls within the scope of assistance that can be provided. However, though assistance can be provided, the competent authorities have not exchanged information or utilised the MOU with respect to TF.
TF related targeted financial sanctions and NPOs (Immediate Outcome 10)
a) TCI has a robust legal framework in place to implement targeted financial sanctions related to TF without delay and there have been no matches to the UN Sanctions Lists. b) FIs including the banking, insurance and money transmitters are aware of the sanctions lists and screen customers against those lists. c) The jurisdiction has publicly known procedures for delisting. Guidance was issued to the Governor and the FIs and DNFBPs on implementing TFS. However, while guidance has been provided on how delisting may occur, no guidance has been provided to FIs and DNFBPs on the action to be taken when there is a delisting and or revocation of designated persons and entities.
36 Since the conclusion of the onsite visit, officers from the Customs Department, FCU, FIA and ODPP participated in the Workshop ‘Basic CFT Investigated Techniques’ facilitated by the World Bank in November 2018.
Mutual Evaluation Report of the Turks and Caicos Islands
│ 87
d) The mode of communication used by the jurisdiction to communicate listings and orders do not result in prompt transmission of designations, freezing obligations and the relevant updates. e) The DNFBP sector has limited knowledge of the UN Sanctions Lists and some do not screen customers against those lists. These sectors are the high value businesses and Casino. Some FIs and DNFBPs are not aware of the steps to be taken and what measures they should implement where there is a match against the UN Sanctions Lists. f) The FSC conducted a desk-based review of the NPO sector which saw churches, charities and an educational institution being rated as high risk. However, at the time of the onsite, limited measures had been taken to mitigate the TF risk associated with these NPOs. Proliferation financing (Immediate Outcome 11) a) TCI has a robust legal framework in place to implement targeted financial sanctions without delay related to PF and there have been no matches to the UN Sanctions Lists. b) FIs including the banking, insurance and money transmitters are aware of the sanctions lists and screen customers against those lists. c) The jurisdiction has publicly known procedures for delisting. Guidance was issued to the Governor and the FIs on implementing TFS. However, while guidance has been provided, no guidance has been provided to FIs and DNFBPs on the action to be taken when a listed person or entity has been delisted or the listing has been revoked. d) The Customs Department has the mandate of monitoring the import and export of goods. There has been no trade between TCI and Iran or DPRK or to any person or entity on the UN Sanctions Lists. e) The mode of communication used by the jurisdiction to communicate listings and orders do not result in prompt transmission of designations, freezing obligations and the relevant updates. f) The DNFBP sector has limited knowledge of the UN Sanctions Lists and some do not screen customers against those lists. These sectors are the high value businesses and Casino. Some FIs and DNFBPs are not aware of the steps to be taken and what measures they should implement where there is a match against the UN Sanctions Lists. g) MOUs have been signed between the competent authorities for the exchange of information and cooperation and coordination in support of the detection, investigation, prosecution and prevention of among other things financial crimes. Recommended Actions Immediate Outcome 9 a) The jurisdiction should assess TF factoring in data on outbound cash from the Customs Department, and the impact of the lack of STRs/SARs and attempted transactions reporting, to ascertain a more accurate understanding of their TF risks. This would ensure that they are applying the appropriate measures commensurate with their risks. Further, it would confirm whether lack of investigations and prosecutions is truly in line with the low risk rating assigned to TF. b) More guidance and training should be provided to FIs and DNFBPs to enable them to identify possible instances relating to TF and take the necessary action, inclusive of filing STRs. c) The capacity of LEAs in the areas of detecting and investigating TF should be enhanced through training and improvement of policies and procedures. d) Customs should put measures in place to ensure the timely dissemination of declarations of inbound and outbound cash to the FIA. e) As the MOU between BOTs and Bermuda on Mutual Law Enforcement Assistance provides for co- operation and mutual assistance of law enforcement services in investigating serious crimes including acts of terrorism, TCI should seek assistance with respect to TF pursuant to this MOU.
Mutual Evaluation Report of the Turks and Caicos Islands
88 │
Immediate Outcome 10
a) The FSC should review and revise the channels for communicating listing, freezing obligations and notices to FIs and DNFBPs to ensure all FIs and DNFBPs receive these notices and are aware of their obligations in a timely manner. b) There is need for more outreach, guidance, training and supervision by the competent authorities on the implementation of the UNSCRs related to TF especially to the DNFBP sector. c) There is need for enhance supervision of FIs and DNFBPs in relation to their compliance with their obligations to implement targeted financial sanctions. d) The NPO Supervisor should intensify the implementation of mitigating measures to prevent the misuse of the NPO sector especially for those NPOs that have been assessed as high risk. These measures may include outreach to the sector, utilising an improved desk-based review for risk-based supervision and intensifying the monitoring of the activities of those NPOs. Specifically, efforts should be intensified around the risk-based supervision of NPOs assessed as high risk. e) Deficiencies identified in Rec. 6 should be remedied. To this end, the Governor should provide guidance to FIs and DNFBPs on the action to be taken when a person or entity has been delisted or a designation has been revoked.
Immediate Outcome 11
a) The FSC should review and revise the channels for communicating listing, freezing obligations and notices to FIs and DNFBPs to ensure all FIs and DNFBPs receive these notices and are aware of their obligations in a timely manner. b) There is need for more outreach, guidance, training and supervision by the competent authorities on the implementation of the UNSCRs related to PF especially to the DNFBP sector. c) Enhance supervision of FIs and DNFBPs in relation to their compliance with their obligations to implement targeted financial sanctions. d) The Customs Department should receive training on PF to enhance their ability to monitor compliance with the sanctions’ regime for PF. e) The AMLC should ensure that the competent authorities cooperate and coordinate their efforts to ensure TFS related to PF is implemented effectively utilising fully the MOUs and that there is compliance by FIs and DNFBPs with the UNSCRs related to PF.
266. The relevant Immediate Outcomes considered and assessed in this chapter are IO.9-11. The Recommendations relevant for the assessment of effectiveness under this section are R. 1, 4, 5–8, 30, 31 and 39.
Immediate Outcome 9 (TF investigation and prosecution)
267. The criminalisation of TF is covered under the provisions of the POTO which criminalises terrorism and terrorist financing (see Rec. 5 – TC Annex). The FCU is the competent authority to investigate TF offences while the FIA is responsible for analysing STRs/SARs and disseminating the analysis to the FCU. On its own, TCI has not detected any case of TF but has conducted an investigation into TF pursuant to a referral from the UK.
Mutual Evaluation Report of the Turks and Caicos Islands
│ 89
4.1.1. Prosecution/conviction of types of TF activity consistent with the country’s risk- profile 268. TCI has had 1 investigation into a potential TF case, which was initiated by a request from another jurisdiction. The intelligence gathered and conducted by the FIA during the investigation did not reveal or suggest any criminal activity. The jurisdiction during the period 2014-2018 has not conducted any other investigation into TF and accordingly there is no data that demonstrate effective prosecution and conviction of persons or entities for TF offences. 269. The NRA assessed the risk of TF to be low because the jurisdiction is not close to any areas of conflict and there are no known ties to TF or support for terrorism in the jurisdiction. It however did not articulate what empirical data was used as the basis for this conclusion as TF may occur in jurisdictions that are not near conflict areas (see Chapter 2 – IO.1). Additionally, the NRA determined that there are no significant business or trade relations with countries with high terrorist threats. Accordingly, based on the NRA, the lack of investigations and prosecutions and convictions is consistent with the country’s understanding of its TF risk profile. 270. At the office of the ODPP there are 10 prosecutors of various levels of seniority. 2 senior officers are tasked with reviewing and providing advice on financial crimes matters. However, any officer may be assigned a financial crimes case. No specific prosecutor is assigned to handle TF cases and there has been limited training provided to 2 prosecutors. Therefore, there are limitations in the technical capacity within the ODPP to prosecute TF should a matter arise. The jurisdiction has indicated that they can request a specialist from the UK to represent the Crown in not only complex cases but any case concerning TF.
4.1.2. TF identification and investigation 271. Due to the lack of information from the Customs Department on collecting information on out-going cash, the analysis of data by the FIA for TF and by extension the opportunity for the FCU to carry out TF investigations based on data from the FIA would be affected Therefore, although the FIA had access to data on money leaving the jurisdiction through other channels including MSBs and wire transfers and company information from the FSC, a significant gap still existed. As the FIA was not in receipt of all the information on cash leaving the jurisdiction this indicator could not have been factored into the FIAs analysis. 272. TCI has investigated 1 TF case and concluded that there was no links to TF. However, on its own volition, the TCI has not identified or investigated any potential TF matter. This finding is based on information presented to the assessment team and discussions held with the FCU, RTCIPF, FIA, Customs Department and ODPP. 273. The FCU is the competent authority with the mandate to carry out TF investigations as set out in the Force Special Order, No. 32 of 2018. The FCU also investigates ML (see Chapter 3 – IO.7) and the same powers and resources will be used to conduct a TF investigation if one should arise. The work of the FCU is supported by the FIA, which analyses STRs/SARs and other reports and disseminates intelligence to the FCU. There has been no STR filed with respect to TF. Additionally, because attempted transactions are seldom reported by FIs and DNFBPs, this has the potential to adversely affect the TCIs’ ability to successfully identify TF. The FIA indicated that despite the deficiency in data from the Customs Department they were able to analyse data from the financial sector using information from MSBs, wire transfers and other banking transactions. 274. The FCU has no formal written policy on how to detect and investigate TF. However, the FIA has guidance document in relation to indicators and red flags concerning TF. Officers of the FIA have received analyst training which featured elements of TF detection. There is no dedicated
Mutual Evaluation Report of the Turks and Caicos Islands
90 │
specialist within the FCU to deal with TF matters. The lack of personnel with specialisation in TF can present a challenge for the TCI in investigating TF cases 275. There is an MOU in place between the BOTs and Bermuda for the provision of mutual law enforcement assistance in the area of terrorism and other serious crimes. This MOU allows for the exchange of officers and equipment to assist in investigations of serious and organised crime, including acts of terrorism, money laundering and asset confiscation. The scope of this MOU enables the TCI to access assistance from other BOT to assist the TCI with investigating terrorism financing. However, TCI has not utilised the MOU for this purpose as there has only been one TF investigation. 276. Although, the FCU has no written process for investigating TF, they would adopt the same practices used to investigate ML. These include using open sources of information, such as from the FBI and utilising the resources of the FIA. Potentially, the process for investigating TF will commence with the receipt of financial intelligence or reports from the FIA. However, the FCU can investigate TF without receiving financial intelligence or reports from the FIA. Despite this, no independent investigation has taken place. The ODPP indicated that a file was sent to them and they inquired of the FCU whether they considered a nexus to TF. The investigation considered a person who took property out of the TCI and transferred it to Turkey. The FCU informed the ODPP that there was no link to TF and no factors were given as to what led to this conclusion. 277. Although there has been no STR/SAR filed relating to TF, the FIA indicated that there is a procedure in place to analyse any report they may receive for potential TF. This procedure is documented in the Standard Operating Procedures of the FIA. The procedure includes the FIA conducting inquiries to verify suspicion that someone or an entity is on the sanctions lists, steps that will be taking in the event that the person or entity has property in the TCI and steps to notify the police, Governor and FSC. 278. Customs officers do not specifically address TF as part of their operations; therefore, it is incidental to the detection of other customs-related offences. There is a need to provide training to the Customs Department for TF. The Department plays a pivotal role in enforcing customs laws and assisting in the detection of cash entering and leaving TCI, so building their capacity in this area would not only enhance their work but by extension that of the FIA and the FCU. 279. To assist in TF identification, there is the Strategic Policy and Planning Department (SPPD) which has data on economic inflows and outflows of the jurisdiction. The SPPD receives data on transactions under the remit of Customs. The information is reviewed and transposed into statistics to reflect all economic trade in the TCI. Additionally, the Customs Department has a system to capture information on inbound and outbound cash and BNIs. Since February 2018, this information has been forwarded to the FIA. The declarations are submitted to the FIA via email or hand delivered. In total, 9declarations have been submitted to the FIA. The current system as indicated by TCI has limitations with respect to the timeliness of the reports being received by the FIA. All declarations were sent to the FIA within 30 days. The timelines within which the FIA receive the declarations should be rectified as this will delay the analysis by the FIA. Consequently, the work of the FCU can be hampered since they are dependent on the FIA to forward analysis on TF to the unit (see Chapter 3 – IO.6). 280. Apart from the one investigation into TF already mentioned, there have been no other reports or investigations of TF. Consequently, the roles played by terrorist financiers have not been identified.
Mutual Evaluation Report of the Turks and Caicos Islands
│ 91
4.1.3. TF investigation integrated with –and supportive of- national strategies 281. There is no singular strategy or policy that addresses TF. The jurisdiction has the National Strategy and the National Action Plan. Additionally, the TCI relies on the National Threat Assessment for Combatting of Terrorism prepared by the UK. This National Threat Assessment is relied on by the TCI for national security commitments. The TCI was able to rely on commitments made by the UK in the Assessment in obtaining assistance with the purchase and installation of a Coastal Radar Station. However, it is unclear how this document is used to assist detection and investigation of TF. 282. In the National Strategy, the jurisdiction acknowledged that existing policies and procedures need to be reviewed and that ML/TF investigations should be priorities for all LEAs. Further, they recognised the need for resources to detect TF. Therefore, there is awareness of the need to strengthen this area. Moreover, while there are MOUs between members of the AMLC to share information on TF no such information has been exchanged.
4.1.4. Effectiveness, proportionality and dissuasiveness of sanctions 283. There are dissuasive and proportionate sanctions for TF (see R.5 – TC Annex). However, as there have been no prosecutions, no sanctions or other measures have been applied to either natural or legal persons convicted of TF offences.
4.1.5. Alternative measures used where TF conviction is not possible (e.g. disruption) 284. No alternative measures have been used to disrupt TF activities.
Overall conclusions on IO.9 285. The rating for IO.9 is a Low level of effectiveness.
Mutual Evaluation Report of the Turks and Caicos Islands
92 │
Immediate Outcome 10 (TF preventive measures and financial sanctions)
4.1.6. Implementation of targeted financial sanctions for TF without delay 286. TCI as a BOT does not propose persons or entities to the UN; this is the responsibility of the UK. TCI implements TFS related to TF (UNSCR1373 sanctions regime) through the Terrorist Asset-Freezing, etc. Act 2010 (Overseas Territories) Order 2011(TAFA), the POTO and the Policing and Crime Act (Financial Sanctions) Overseas Territories Order 2017 (PCA). Further, the sanctions measures are implemented through orders made by the UK and extended to the TCI (UNSCR 1267/1989 and 1988 sanctions regime). The orders take immediate legal effect upon the commencement date stated in the Order. Additionally, under the provisions of TAFA, all UK lists have been automatically incorporated into the TCIs freezing regime. The Governor is empowered by the TAFA to designate persons and entities in keeping with UNSCR 1373. The legislation and the orders do not explicitly require that freezing must be without delay and without notice. However, the effect of the respective provisions is that freezing must take place once persons or entities know they are dealing with the funds or assets for a designated person. 287. While there is a mechanism in place for domestic designation pursuant to UNSCR 1373, no designations have been made by the jurisdiction and there have been no matches to the UN Sanctions List. 288. Prior to the on-site visit, the AGC conducted a survey using to assess the awareness of FIs and DNFBPs with their obligations under the UNSCRs. The survey was sent to 168 FIs and DNFBPs and 72 responded. The survey revealed that there is no singular mechanism used by FIs and DNFBPs to access the sanctions lists. Knowledge of the list either came from the FSC, subsidiary legislation or the Gazette. The general conclusion of the survey was that there are several screening methods used by FIs and DNFBPs to identify designated persons and entities. Some respondents consulted the UN, UK or both lists and used these lists to screen customers. Others indicated that they received notifications through CDD systems, head offices, training, automatic scanning software and World-Check and World-Compliance. The survey also indicated that there is greater awareness of the need to screen customers among FIs and DNFBPs which are supervised or regulated under more than one financial sector. The survey revealed a lack of knowledge on the steps to be taken where there is a match against the UN lists. 289. The onsite visit revealed that the awareness of the obligations under the UNSCRs is limited and this finding was consistent with that of the survey. Communication to FIs and DNFBPs is through publication of the UNSCR lists on the FSCs website. This publication is done within 24 hours. The Sanctions Orders are also published on the AGCs’ website and in the Gazette, which is published weekly. The AGC has a subscription to receive updates on the UN lists. Notification is also done through periodic emails sent to FIs and DNFBPs by the FSC. Most FIs and DNFBPs were in receipt of the emails from the FSC. Sectors like the legal professionals subscribe to the Gazette. 290. Some FIs and DNFBPs were not in receipt of the notices sent by the FSC and depends solely on their screening systems. On the other hand, other FIs and DNFBPs check the FSC’s website periodically for the lists and orders and received updates from the FSC. This mode of communication employed by the FSC does not result in the prompt transmission of designations, freezing obligations and other relevant updates. There were some FIs and DNFBPs who were not aware of the lists and any new designation as not everyone checks the FSC’s website in a timely or regular manner, subscribe to the Gazette or receive the emails and notices. 291. FIs such as banking, insurance, MSBs and CSPs were aware of the list and employed screening mechanisms to check customers. Important to note is the screening systems of MSBs,
Mutual Evaluation Report of the Turks and Caicos Islands
│ 93
since they employ a two-tier system where checks are done locally and then by the international affiliate. Therefore, where a customer may get pass the screening of the local business the transaction will be blocked by the international affiliate. However, a weakness in this system is that the local company would not be aware of the reason why the transaction was blocked. In such a case there would be a missed opportunity to file a STR/SAR with the FIA and for the necessary investigations to be conducted in the TCI. On the other hand, the Micro-financing businesses had no measures in place to detect if a customer was on the UN sanctions list and depends on their CDD measures for making that detection. 292. The DNFBP sector, particularly the micro-finance37, casino, car dealers, jewellers and also the NPO sectors, had limited or no knowledge of the Sanctions Lists and Orders. The Real Estate Sector, while having knowledge of the Sanctions Lists did not screen every customer against the UN Lists. This sector applied a risk-based approach and only customers deemed high risk are screened. Factors used by the sector to determine high-risk includes complex structures or deals, geography and unusual large transactions. However, by only screening high-risk customers there is the potential that persons who are involved in terrorist activities but who are not deemed to be ‘high-risk’ can go undetected. There is also reliance on the ability to assess customers through personal interactions. Screening only high-risk customers or customers personally unknown to the proprietors of the business translates to not screening every client. CSPs are familiar with the sanctions lists and every person connected with a company is screened inclusive of third-party introducers. 293. For both the FIs and DNFBPs, the use of screening systems complemented the CDD process and decreases the risk of being misused by terrorists or terrorist’s organisations. Automated and manual screening systems include Riskscreens, Lexis Nexis, World-Check, World-Compliance, Fortent and Hotscans, to check customers against the sanctions lists. Some FIs had systems that did continuous screening of customers against the sanctions lists. Some entities indicated that they used Google to do screening however, this is not an appropriate screening tool for TFS once used in isolation. 294. Another impediment to effective implementation of TFS is that the private sector was not aware of the requirement to deprive a listed person or entity of their assets without delay. Overall, FIs and DNFBPs were not clear on the steps to be taken and what measures are to be implemented whenever a match is identified. This can be attributed to lack of awareness, training and guidance by the competent and supervisory authorities. Some of the responses to ‘if a match is found’ included not facilitating the transaction, filing an STR, contacting the FSC for further instructions and guidance and conducting in-house investigations and assessment before reporting the client. 295. 1 bank indicated that where there is a need to file an STR for TF or any other reason, it has to be filed online within 3 days. Once this is done it is then assessed by the parent branch in Canada who will review it and make an analysis. This is then filtered down to the MLRO with recommendations. A decision is then made on filing a STR or not. This process outlined by the bank would not result in swift implementation of the UNSCRs. Further, trustees did not understand that they are also required to take steps to deprive a listed person or entity of their assets (which are held by the trustees) and make the necessary report. 296. There have been no matches to Sanctions Lists. However, 1 business received matches to high-risk countries and those customers were flagged. The cases were investigated by the MLRO and reports were made to the FIA.
37 Microfinance are classified as DNFBPs in the TCI.
Mutual Evaluation Report of the Turks and Caicos Islands
94 │
297. The FSC is aware that not all licensees have screening systems and conduct screenings, and this is significant among the DNFBP sector. Also, the FSC indicated that most FIs and DNFBP recently acquired screening systems, within the last 3 years some of which screen customers in real time. When conducting on-site visits, licensees are asked to show their screening systems and evidence that they have screened customers against the sanctions lists. The CSPs have been subject to monitoring or supervision with respect to the TFS as a part the FSCs compliance visits. Where licensees fail to show evidence of screening a directive is given for them to commence screening immediately. 298. It must be noted that the ‘Guidance on Implementing Targeted Financial Sanctions’ was published in July 2018 by the AGC. This was followed by a presentation to the financial sector on application of financial sanctions in TCI. Nevertheless, during the on-site, most interviewees did not understand the requirements of taking action against a person on the list without delay, filing a STR and reporting any assets frozen to the Governor. FIs and DNFBPs not being aware of their requirements will present a challenge to the jurisdiction in detecting any potential TF case. 299. Overall, there needs to be more outreach, guidance, training and supervision by the competent authorities on the implementation of the UNSCRs. These actions should result in an understanding of the process and what measures should be implemented whenever a match is identified.
4.1.7. Targeted approach, outreach and oversight of at-risk non-profit organisations 300. In TCI, an NPO can be incorporated or unincorporated. Incorporated NPOs are governed by both the CO 2017 and the NPO Regulations (NPOR), whereas unincorporated NPOs are governed only by the NPO Regulations. The NPO sector was not adequately assessed in the NRA and no rating was assigned to the sector in the NRA (see Chapter 2 - IO 1). However, in August 2018 a desk-based review of the sector was done by the FSC (see Chapter 2 – IO.1, paragraph 100). The assessment risk rated 195 NPOs providing both service and expressive activities on the basis of status of the NPO (incorporated or not incorporated), annual gross income, country of fund distribution, sister/parent organisation and country of fund raising. 4 NPOs were rated as high risk. The factors which contributed to this rating include high percentage of disbursement of funds outside of the TCI, the amount of gross income and country of fund raising outside of the TCI. The NPOs deemed high-risk were churches, and those involved in hurricane relief and educational activities. 67 NPOs were rated as medium-risk and 124 were rated as low-risk. Factors that contributed to the risk rating of medium included a medium percentage of disbursement of funds outside of the TCI ranging from 25%-60% and annual gross income. Low risk rating was given to those NPOs with a small percentage of disbursement of funds outside of the TCI ranging up to 20%. 301. The information used to derive at a conclusion was based on contributions from the sector at the time of registration. These contributions stemmed from interviews conducted with the NPO representatives at the time of making an application and information collected and recorded on the ‘Application to Register Form’. 302. Since the completion of the desk-based assessment no action has been taken. However, the mitigation measures outlined by the jurisdiction with respect to the high risk NPOs are as follows: review of annual financial statements of these NPOs; request bank statements to determine wire transfers and assess gross income; review of names of donors over USD 10,000 per annum; and face-to-face discussion with controllers of the NPO. 303. Although there has been no targeted approach, registration of NPOs is done by the NPO Supervisor. There is no fit and proper test for controllers, however, they provide full identification
Mutual Evaluation Report of the Turks and Caicos Islands
│ 95
information and verification to the standard of that required by the NPO Regulations. They are also required to sign an ‘NPO declaration’. Registration is renewed every 3 years subject to the production of relevant documents. Further, NPOs registered under the CO 2017 are required to file annual returns. Also, pursuant to the NPOR, a registered NPO must submit financial statements. There is no requirement for NPOs to have a bank account. However, it was indicated that this practice is encouraged by the FSC. Further, in accordance with TCI’s ‘Guidance for Non- Profit Organisations’ NPOs must ensure that the organisation’s financial transactions are to be conducted through formal banking channels. 304. The FATF methodology does not require that all NPOs are supervised for the purposes of TF. Nevertheless, pursuant to Regulation 4 of the NPO Regulations, TCI’s NPO supervisor is required to conduct periodic reviews of the sector for the purposes of identifying the features and types of NPOs that are at risk of ML/TF. There has been no outreach for the purposes of TF and the sanctions regime. The NPO sector indicated that the FSC has never conducted an on-site examination and there has been little or no interaction with the FSC. Further, the NPO sector indicated that they had not received guidance from the FSC. The only outreach conducted by the FSC was in 2014 to discuss the requirements and rationale for registration. Also, there was consultation with representatives of the NPO sector with respect to preparation of the NPO Regulations. Accordingly, competent authorities are yet to apply a targeted approach to prevent the misuse of those NPOs identified as high-risk as being vulnerable to TF.
4.1.8. Deprivation of TF assets and instrumentalities 305. The TCI has not frozen or deprived terrorists, terrorist organisations and terrorist financiers of their assets as there has been no reported TF activity. However, the necessary legislative framework is present to implement these measures. It is important to note that the deficiency with respect to timely notification to FIs and DNFBPs of the sanctions list could hampers the ability to deprive listed persons and entities of their assets. Further, the fact that FIs and DNFBPs are not aware of the procedure to follow where there is a match makes the implementation of TFS difficult. 306. There has been 1 request in the last 4 years with respect to the TF Sanctions List. The request came from the UK and concerned whether an individual on the UN Sanctions List owned a company in the TCI. A search was conducted, and it was determined that the beneficial owner of the company was the son of the person on the UN Sanctions List. This person was not on the Sanctions Lists and the entity did not own any asset in the TCI. Inquiries did not reveal any evidence to suggest control of the company by the listed person. The results of the inquiries conducted were submitted to the requesting country. There were no subsequent requests regarding the matter. The intelligence gathered by the FIA determined there was no need for criminal investigation and the matter was closed.
4.1.9. Consistency of measures with overall TF risk profile 307. The NRA assessed that the risk of TF is low (see Chapter 2 - IO.1). However, the lack of adequate supervision of and awareness to NPOs that have been identified as high risk and are at risk of being used for TF leaves them susceptible to abuse by terrorist and terrorist financiers. Therefore, though the measures implemented are consistent with the low risk of TF, as assessed in the NRA, the deficiencies in the system are significant and may impact on TCI’s ability to combat TF, including investigation, prosecution and conviction of TF or where possible disrupting TF activities. In some sectors there is no knowledge of the sanctions lists. Screenings are not consistently done and most of the FIs and DNFBPs met onsite were not aware of the requirement to freeze without delay the assets of persons or entities on the UN Sanctions lists and make a
Mutual Evaluation Report of the Turks and Caicos Islands
96 │
report. Generally, there seems to be limited focus on TF perhaps due to the perception that the risk is low. However, this perception of low risk may increase the jurisdiction's susceptibility to TF.
Overall conclusions on IO.10 308. The TCI is rated as having a Moderate level of effectiveness for IO.10.
Mutual Evaluation Report of the Turks and Caicos Islands
│ 97
Immediate Outcome 11 (PF financial sanctions)
4.1.10. Implementation of targeted financial sanctions related to proliferation financing without delay 309. The mechanism implementing TFS related to PF is generally the same as for TF. The impediments to effective implementation of TF without delay as discussed under IO.10 are applicable to this IO. There are specific Orders made by the UK relating to DPRK and Iran that have taken effect in the TCI. Further, the Customs (Control of Exportation of Arms) Order prohibits the export of goods to Iran and North Korea. There have been no cases relating to proliferation financing and no assets or funds have been frozen under PF-related UNSCRs. There has been limited cooperation or coordination between the competent authorities specifically for implementing TFS related to PF. Activities dealing with TFS related for PF have surrounded a presentation on implementing TFS related to both TF and PF delivered to FIs and DNFBPs by the AGC. MOUs have been signed between the competent authorities for the exchange of information and cooperation and coordination in support of the detection, investigation, prosecution and prevention of among other things financial crimes.
4.1.11. Identification of assets and funds held by designated persons/entities and prohibitions 310. Communication of designations to FIs and DNFBPs and for identifying assets and funds held by designated persons and entities is described under IO.10. Accordingly, the issues and deficiencies highlighted in IO.10 are also applicable to this IO. The mode of communication used by the jurisdiction to disseminate the UN Sanctions Lists and orders does not result in prompt transmission of designations, freezing obligations and other relevant updates. All FIs and DNFBPs were not in receipt of the notices sent by the FSC. Additionally, the FIs and DNFBPs who relied on the FSC’s website for information on the designations and updates did not check the website regularly. Further, there is inconsistency with screenings against the sanctions list (and in some cases no screenings) and this, coupled with the issues of communication of the Sanctions Lists, could adversely affect the jurisdiction identifying assets and funds held by designated persons and entities. 311. The jurisdiction has not identified any assets or funds pursuant to this sanctions regime as there has been no reported PF activity. Moreover, there is no evidence of any trade or business involvement with DPRK or Iran or with any of the persons or entities on the UN Sanctions List.
4.1.12. FIs and DNFBPs’ understanding of and compliance with obligations 312. There are no separate measures employed by FIs and DNFBPs with respect to PF. Screenings of customers are done against the UN Sanctions Lists and searches are conducted on customers using the software tools that are mentioned under IO.10 for TFS-TF. 313. All of the effectiveness issues raised under IO. 10 with respect to understanding and compliance with the UNSCRs related to TFS applies in relation to PF. Overall there was a lack of understanding of PF among FIs and DNFBPs and this was evident at the on-site interviews. As discussed under IO.10, overall FIs and DNFBPs were not clear on their obligations related to targeted financial sanctions. Lack of knowledge of the requirements to freeze without delay the funds or other assets of a listed person or entity and report this action to the competent authorities will have impair the jurisdiction from effectively implementing TFS related to PF without delay. Further, this deficiency along with the issues with communications of the UN Sanctions Lists and
Mutual Evaluation Report of the Turks and Caicos Islands
98 │
inconsistent screenings and in some cases no screenings may make FIs and DNFBPs’ compliance with the obligations under the relevant UNSCRs challenging.
4.1.13. Competent authorities ensuring and monitoring compliance 314. The Customs Department has the mandate of monitoring the import and export of goods. Further, the exportation of specific items to DPRK and Iran is prohibited. These include goods capable of being required for the development, production or use of military, security and para- military goods and arms, ammunition and related materials. Also, the Customs Department is aware of the prohibited items and uses the Automated System for Customs Data (ASYCUDA) as their flagging system. There has been no detection of exportation of goods to these countries. It is important to note that the Customs Department indicated that they are looking to procure canine and a baggage scanner to assist in their functions. The Department also stated that there is need for training and more co-ordination among the competent authorities to ensure their effectiveness to implement their obligations related to PF. 315. The AMLC has been set up to develop policies and coordinate cooperation between the domestic authorities, including PF issues. However, to date there has not been any policy specific to combatting PF. There is a sub-committee to create and review legislation relating to terrorism, TF and PF. 316. In 2018, the AGC produced guidance documents to the Governor on his powers under the Sanctions Orders (Guidance to the Governor: Implementation of Sanctions and Proscription in the Turks and Caicos (August 2018)) and to FIs and DNFBPs on their obligations under the various sanctions’ regime (Guidance on Implementing Targeted Financial Sanctions (July 2018)). However, FIs and DNFBPs interviewed during the onsite did not understand TFS related to PF and their corresponding obligations under the relevant UNSCRs. 317. With respect to supervision, the same effectiveness issues identified under IO.10 are applicable. Additionally, there is no specific supervision conducted by the FSC or any other competent authority related to PF.
Overall conclusions on IO.11 318. The TCI is rated as having a Moderate level of effectiveness for IO.11.
Mutual Evaluation Report of the Turks and Caicos Islands
│ 99
5. PREVENTIVE MEASURES
Key Findings and Recommended Actions
Key Findings FIs
a) The banking sector has a general understanding of the ML/TF risks while other FIs demonstrated limited understanding. FIs with international affiliates rely heavily on the ML/TF risk mitigating measures of affiliated institutions. b) In most instances, there are no formalised arrangements for introduced business in the Trust and CSP sectors. As a result, these sectors have implemented very little AML/CFT preventative measures at the business application stage. c) Most FIs have a reporting threshold, however suspicious activity reporting is not commensurate with the jurisdiction’s risks. This low level of STRs/SARs may be attributed to a number of reasons including, low level of awareness of reporting obligation, lack of understanding of what may be considered as suspicious or unfamiliarity with the process. d) The banking and MSB sectors have appropriate internal controls to mitigate ML/TF risks. However, there were little to no established internal controls to reduce these risks in the trust and investment sectors. There are established AML/CFT policies and procedures in the FIs.
DNFBPs
e) DNFBPs do not adequately understand their ML/TF risks. As a result of the NRA, DNFBPs gained some understanding of the risks, but are less aware of entity specific risks and risks unique to their circumstances as businesses operating within an IFC. f) Awareness of AML/CFT obligations among DNFBPS is mixed, with the legal and real estate sectors exhibiting better knowledge, though not to a sufficient degree. Microfinance businesses, and high value dealers- car dealers and jewellers - and bookkeeper-type accountants that have not been subjected to any supervisory or regulatory environment demonstrated low levels of understanding of AML/CFT obligations and ML/TF risks. g) The implementation of preventive measures is generally poor for all DNFBP sectors. Risk mitigating efforts in the DNFBP sector, if and when they are applied, are not always commensurate with their risks because of inadequate appreciation of ML/TF risks and AML/CFT obligations. h) Although DNFBPs appear cognisant of the obligation to conduct CDD when establishing customer relationships, there is a lack of ongoing CDD process of customers and their BOs because of the sector’s reliance on longstanding, personal client relationships to satisfy CDD. Further, the sector has not been satisfying CDD requirements consistent with the FATF standards because of deficiencies that existed in the law.
Mutual Evaluation Report of the Turks and Caicos Islands
100 │
i) DNFBPs have limited understanding of reporting obligations, which could be attributed to knowledge and understanding gaps of the reporting process and of potential suspicious. j) DNFBPs have to some degree implemented internal systems and controls for testing and monitoring compliance with AML/CFT obligations but significant deficiencies exist in the appointment of compliance professional with oversight for implementation of these measures.
Recommended Actions FIs
a) Introduced business may be established by arrangements between the CSP and the third-party introducer and where there is a reliance on introducers for CDD information, this should be in accordance with TCI legislation. b) The risk mitigating measures of the banking sector should be reviewed, as de-risking of some sectors is not considered appropriate under a risk-based approach. c) Supervisors should ensure that all FIs, including PORCs, and not just the banking sector have an understanding of their risks and all sectors are implementing risk-based measures that are commensurate with their risks. d) Supervisors and other authorities such as the FIA should provide FIs with more training, guidance and feedback to ensure that they are adequately equipped to identify STRs and report STRs to the FIA. e) Supervisors should provide outreach and guidance to FIs in assessing the risk of TF to raise awareness across all sectors. DNFBPs
BPs, especially from the legal and real estate sectors, should conduct institutional risk assessments (that include all relevant risk factors such as customer information, transaction details, delivery channels, geography, product and services) to improve understanding of risks and include. f) The FSC should provide better guidance to DNFBPs and assist them in accessing training that prioritises compliance with CDD requirements, BO and PEPs statuses, to enhance/develop robust application of preventative measures consistent with their ML/TF risks and AML/CFT obligations. Such training should also include developing a compliance culture for identifying and filing suspicious activity report and improving obligations in this respect; and developing awareness of TFS obligations and implementing the measures necessary to satisfy this requirement. g) Consistent with their risks and size, DNFBPs should put in place mechanisms/processes to ensure the following: • proper internal systems and controls are developed and implemented. Staff should be trained to comply with the controls and the consequences for non-compliance. • adequately trained and sufficiently senior persons are appointed to oversee implementation of AML/CFT procedures and controls and serve as the mechanism to comply with reporting obligations. • independent and professional processes are implemented to test and assess the effectiveness of AML/CFT procedures and controls consistent with the FATF Standards.
Mutual Evaluation Report of the Turks and Caicos Islands
│ 101
319. The relevant Immediate Outcome considered and assessed in this chapter is IO.438. The Recommendations relevant for the assessment of effectiveness under this section are R.9-23.
Immediate Outcome 4 (Preventive Measures) 39
320. The TCI’s designation as an IFC is mainly based on the products and services offered by the FIs and the DNFBPs in the jurisdiction. These products and services are offered to residents and also to a large number of non-residents, which results in a high level of non-face-to-face activity. Additionally, the majority of the services offered in the banking, corporate service providers (CSPs), trust and DNFBPs sectors target high net-worth individuals. These sectors have been assessed by the jurisdiction as medium high risk given their associated size, complexity and vulnerabilities. 321. In terms of materiality and risk within the TCI context (see Chapter 1 - Financial Sector and DNFBPs), implementation issues for FIs40 (see Chapter 1 - Table 1.2) were weighed as most significant for the banking, PORCs, CSPs, money services businesses (MSBs); significant for the trust companies and less significant for life insurance companies (domestic), captive insurance companies, investment companies and mutual funds administrators. 322. DNFBPs (see Chapter 1 – Table 1.3 (a) and (b) and accompanying findings) were weighed as most significant for the legal and real estate sectors and the gaming sector (gaming machines); significant for the accounting and microfinance sectors and less significant for car dealers, jewellers and casinos given their number, size, extent of their contribution to the domestic economy.
5.1.1. Understanding of ML/TF risks and AML/CFT obligations 323. Entities that participated in the NRA workshops and meetings were often unable to demonstrate an understanding of the NRA-identified risks affecting their businesses, and therefore were unable to discuss their plans for mitigating those risks. 324. The assessment of ML risks identified in the NRA as low for some sectors in the jurisdiction was not commensurate with the general level of risk associated with TCI as an IFC or the fact that the majority of business of CSPs, trust, international insurance and some private banking institutions involved non-face-to-face clients. FIs 325. 3 of the banks operating in the TCI are part of international financial groups and demonstrate adequate knowledge of inherent ML/TF risks. These institutions are aware of their AML/CFT obligations and have implemented the required internal controls. These include the appointment of a Compliance Officer, regular staff training and suspicious transaction reporting. These institutions also regularly conduct risk-assessments as part of their normal operations (as required by group-wide practices) and as a requirement in the TCI. Similar assessments and
38 When assessing effectiveness under Immediate Outcome 4, assessors took into consideration the risk, context and materiality of the country being assessed. 39 The initial paragraphs give a short summary of what relative importance assessors have given to the different types of financial institutions and designated non-financial businesses and professions, taking into account the risk, context and materiality of the country being assessed. 40 For the purposes of this assessment, CSPs and Trust Businesses are treated as FIs and analysed under that sector in keeping the TCI’s treatment of these sectors.
Mutual Evaluation Report of the Turks and Caicos Islands
102 │
AML/CFT controls are not present in the remaining banks, which offer mostly investment and wealth management services. These FIs have assessed their operations as low risk given their restricted nature and the long-established relationships with their clientele. Based on this disparity, the level of understanding of ML/TF risks and AML/CFT obligations in the banking sector is therefore at a higher level for some banking institutions than others. 326. Representatives of the Trust Sector particularly disagreed with the results of the NRA, which assigned a medium high-risk rating to the sector. The sector considers its ML/TF risks non- existent due to their portfolio being small and in existence for over 10 years. As a result, some institutions have conducted no risk assessments and there is no on-going monitoring of clients. The non-trust activities being undertaken by some trust licensees have also not been assessed. Although there is some level of customer identification measures in place, the level of understanding of the associated ML/TF risks and awareness of AML/CFT obligations is very limited. 327. The Insurance sector has been assessed as low risk and the sector agreed with this rating. No risk assessments have been conducted by domestic insurance companies, as their focus did not include AML/CFT obligations. During interviews, it was apparent that representatives of the domestic insurance sector were not fully aware of their AML/CFT obligations. This was due to the fact that the domestic insurance sector operates mainly through agents. The jurisdiction has assessed the international insurance sector as medium low risk. Based on the limitations associated with their operations, the international insurance sector has been excluded from AML/CFT measures and there is very limited understanding of ML/TF risks as no assessment have been undertaken in this area There has been no assessment of PORCs to determine whether there is any understanding of their ML/TF risks and AML/CFT obligations. The assessment team was also unable to make any determination as this sector was not represented during the on-site examination. 328. The MSB sector has a good level of understanding of the ML/TF risks and these entities have conducted appropriate assessments commensurate with the inherent ML/TF risks associated with the sector. The sector has implemented the appropriate measures to comply with AML/CFT obligations. There is also a higher level of risk assessment being carried out by the affiliated international provider to enhance the operations which take precedence in the day-to-day operations These actions by the sector demonstrate a high level of understanding of ML/TF risks and AML/CFT obligations. 329. CSPs were aware of the associated ML/TF risks and were of the general view that their products and operations could not be misused in practice for ML or TF. Some sector representatives have produced risk assessments of their operations. While the sector has a fair understanding of ML/TF risks and AML/CFT obligations, this can be improved with a greater understanding of the risks associated with the products and services offered. 330. The Investments Sector has been rated as medium ML/TF risk as the sector benefits from relationships with the banking sector which is known for its traditional controls. The licensees of the investment sector are aware of their AML/CFT obligations however no risk assessments have been done. As a result, there is very limited understanding of the risks related to the sector. The risk rating is based on the limited activity in the sector and the established relationships with clients. DNFBPs
331. DNFBPs have some awareness but varying perspectives of their ML/TF risks. The real estate and, legal sectors as well as the casino representative were cognisant of generally perceived
Mutual Evaluation Report of the Turks and Caicos Islands
│ 103
risks associated with their businesses. Understanding of risks by operators of gaming machines was not tested via interviews as no representative was put forward by the TCI. It is unlikely however that such appreciation exists within this subset of the gaming sector as, until recently, they were not under any obligation to comply with AML/CFT requirements and persisted for the majority of review period in a fairly unregulated environment. 332. For the most part however, risk is understood from the perspective of customers, rather than on the consideration of other relevant risk factors such as product and services, transaction and geography. Moreover, all DNFBPs see their close, longstanding relationships with clients as the main consideration to their understanding of ML/TF risks and justification of low risk rating. There is a pervasive practice among all DNFBPs to treat their international client base originating from US, UK and Canada as low risk. No regard was given to the fact that these jurisdictions have significant risks of ML by their citizens. 333. While the NRA helped the sector to begin considering risks, it does not go far enough in developing an adequate appreciation of ML/TF risks. Some of the assessments in the NRA were based in large part on generally perceived risks and were not supported by information from the specific legal, supervisory, operational and regulatory domestic circumstances of the sector (see Chapter 2 – IO.1). There is no appreciation of risks at the entity level and the NRA findings did not have the benefit of information/data drawn from AML/CFT supervisory activities. It is therefore critical for the sector to supplement the NRA representations on risks with targeted sectoral and entity specific risk assessment. 334. DNFBP representatives, such as high value dealers, were unable to understand how their businesses could be susceptible to ML/TF risks (notwithstanding that there are no entry barriers to these sectors and business operations generally require significant start-up capital). The NRA also did not assess microfinance businesses (the sector consisted of 2 firms at the conclusion of the NRA in 2017 and grew to 4 firms thereafter) and was therefore not useful in helping the sector’s understanding of its ML/TF risks. 335. The extent of the understanding of AML/CFT requirements among the DNFBPs varies greatly. Lawyers demonstrated greater understanding, though not to an adequate level. The real estate representatives demonstrated insufficient understanding. The jeweller representative had no understanding of AML/CFT obligations and car dealers, and microfinance businesses have marginal appreciation, which was limited to knowledge of basic CDD measures. In a good number of cases, the understanding of AML/CFT obligations among DNFBPs is general and not sufficiently granular to ensure appropriate measures are developed and implemented to mitigate risks and satisfy national AML/CFT requirements. One example is the sector’s limiting the interpretation of a PEP to domestic politicians and their families and limiting the application of the required EDD measures to only management approval. Similar limitations in the interpretation of a BO and the associated due diligence required were also evident. 336. Most DNFBPs were also minimally knowledgeable about updates and changes to the obligations occasioned by recent legislative amendments to TCI AML/CFT laws. This gap is especially problematic given that the sector, prior to the amendments, already exhibited low levels of AML/CFT compliance regarding CDD, BO, PEPs, reporting and screening requirements, all of which were subjected to legislative amendments weeks before and during the on-site visit.
5.1.2. Application of risk mitigating measures FIs
Mutual Evaluation Report of the Turks and Caicos Islands
104 │
337. Generally, FIs’ representatives stated that an overall business risk assessment is done of their operations. This was also stated, by the FSC, as a requirement for submission by all regulated institutions. In the banking sector, there is heavy reliance on the risk mitigating measures of the parent company or the operations in the home jurisdiction. These institutions did not implement standalone measures in the TCI operations as it was expected that the international controls would appropriately mitigate any risks. The RBA utilised by the banking institutions’ group operations also apply in the TCI. One such example as explained by the representatives from the sector is the de-risking of MSBs and casinos. The de-risking of these institutions, however, should not be considered as a mitigating measure under a risk-based approach. In addition, the CDD measures employed by the banking sector is applied to all customers with enhanced measures being employed for business with PEPs. These measures utilised by the banking sector are under continuous review and changes are applied periodically. 338. No risk mitigating measures are being implemented in the insurance and trust sectors, since the ML/TF risk is perceived as low. A lack of entity-specific risk assessment and AML/CFT supervision of these sectors also contributes to the low level of understanding of ML/TF risk. Whilst the insurance sector, which operates primarily through agents, does not have a full understanding of its AML/CFT obligations, the representatives of the trust sector who were interviewed classified all clients as low risk on the basis of longstanding business relationships and familiarity. There was no evidence to support the understanding of ML/TF risks of the remaining members of the sector. 339. Some client profiling is conducted by the MSBs, which is used to determine whether EDD measures are required. Similar to the banks, the MSBs rely heavily on the risk mitigation controls of the international affiliates for which they are agents. These measures take precedence over any measures in place by the local agents. MSBs, having a fair knowledge of specific ML risks, particularly those of human smuggling between TCI and Haiti, have implemented mitigating measures such as more focused transaction monitoring and greater emphasis on obtaining identification documents. 340. Given the high volume of introduced business in the trust, investments, mutual funds, international insurance and CSP sectors, the risk associated with the clients in these sectors is high. These sectors accept business from personally affiliated persons in foreign jurisdictions without verification of CDD information. There are, however, very few instances where arrangements with introducers are formalised or documented. This formalisation by way of contracts would ensure that CDD and other risk mitigating measures have been employed by these introducers. These measures must also be in compliance with TCI legislation. The sectors have instead placed a great deal of emphasis on the close association and in some cases personal relationships between the licensee and the introducers. 341. There was an overall low level of awareness of TF risks across all FIs (including international banks). This was evidenced by the lack of training received by the sectors and the absence of risk mitigating measures in this respect. With the absence of any assessment of TF risks by the FIs, there is hardly any emphasis being placed on the application of mitigation measures. DNFBPs 342. Gaps in the understanding of AML/CFT obligations limit the application of adequate risk mitigating measures in the DNFBP sector. Most of the DNFBPs interviewed had limited understanding of what constitutes a BO and the importance of collecting and maintaining BO information, and therefore were not undertaking appropriate risk mitigating measures in this regard. The same limitation is evident in the sector’s treatment of PEPs. Further, efforts to
Mutual Evaluation Report of the Turks and Caicos Islands
│ 105
mitigate risks are impacted by the sector’s knowledge gap relating to recent legislative amendments to AML/CFT requirements and the deficiencies that existed prior to those changes. 343. Risks are understood at a limited extent among the different DNFBPs, which impacted the degree to which the sector mitigates its ML/TF risks. The legal sector appeared to be the most aware of its risks, but mitigating measures within the sector, such as limited CDD based on close, longstanding client relationships, do not appear commensurate with the sector’s high risk to ML. This is especially so considering that a great portion of the client base of the legal sector is from jurisdictions with high risk for ML, such as Canada, UK and the US. There are known cases in TCI in which lawyers have held funds for international criminal clients, and in one case, conspiratorially commingled client funds to intentionally conceal and disguise the source, ownership and control of such funds. Additionally, 4 lawyers are currently on trial for corruption and other ML-related offences, and another was convicted for ML in a separate proceeding. 344. Reliance by the real estate sector on lawyers and banks to satisfy compliance with CDD requirements is not satisfactory to mitigate risks in the sector, considering that a major risk identified in the FSC’s thematic review of the sector is the deficiency in the identification and management of higher risk clients. Similarly, a typology by the FIA revealed that international clients in the real estate sector also pose significant risks to the sector. 345. Sectors such as car dealers and jewellers generally do not understand their vulnerabilities to ML/TF.
5.1.3. Application of Customer Due Diligence (CDD) and record-keeping requirements FIs
346. The AML/PTF Code makes provision for EDD measures to be applied by regulated businesses and for records to be maintained. In addition, a recent amendment was made to the Companies Ordinance to require BO information to be maintained in a register. In February 2018, the jurisdiction introduced the Beneficial Ownership Register; previously BO information for legal entities was maintained only by CSPs. This Register will be maintained by the Registrar and should contain relevant customer due diligence information. It is expected that the Register will improve the availability and accessibility of information relating to beneficial owners of registered entities, however CSPs will still also be required to maintain BO information (see Chapter 7 - IO.5 for more detail). 347. The FIs in the TCI do not apply EDD measures to foreign customers who are resident. The same CDD measures applied to domestic customers are applied to foreign customers who are resident in the TCI. These measures include undertaking a ML/TF Customer Risk Assessment; identifying the customer; obtaining verification of the customer’s identification and ongoing monitoring of the customer. 348. Enhanced measures are only required to be taken when, after a risk assessment has been conducted, a foreign customer is rated high risk. 349. For non-resident customers conducting non face to face business, the legislation allows financial businesses to determine, on a risk sensitive basis, what enhanced customer due diligence measures or enhanced monitoring to apply to these customers. 350. During examinations conducted under the review period, the FSC noted the following enhanced due diligence measures used by FIs in respect to non-face-to-face business: • additional forms of identification; obtaining copies of identification documents certified by a suitable certifier; verifying additional aspects of identity or other customer due diligence
Mutual Evaluation Report of the Turks and Caicos Islands
106 │
information from independent sources such as Google, World Compliance and World Check; obtaining copies of signature of customers; telephone contact with the customer on a home or business number which has been verified prior to establishing a relationship, or telephone contact before transactions are permitted, using the call to verify additional aspects of identification information that have previously been provided. 351. There is a general understanding of the need to maintain records for the specified period and the declaration that these measures were in place was shared with the Assessment Team during the interview process. This affirmation of knowledge was supported by the inclusion of such requirements in the policies and procedures manuals provided by the FIs for Assessors' review. The representatives of the FIs highlighted that BO information was available and provided in all instances when requested by law enforcement agencies. The representatives of the various sectors all indicated their understanding of the importance for obtaining and maintaining CDD information. Most FIs in the TCI use due diligence engines to assist with CDD measures. 352. For introduced business, the CDD information of clients was provided to CSPs, trusts and investment managers by introducers. Based on representations made in the interviews, there was little to no verification of this CDD information by the licensed CSPs, trusts and investment companies. 353. The banking sector has measures in place to ensure that CDD information and more specifically BO information is maintained for all products and services. In establishing the business relationship, customers are required to produce current identification documents to verify their identity. For additional CDD measures include conducting a risk assessment to determine if enhanced due diligence measures are required. Similarly, f corporate clients, beneficial ownership information must be submitted for all-natural persons. The banking sector has implemented ongoing monitoring procedures to ensure that BO information is regularly updated. In instances where CDD and BO information were not submitted, the business was refused. Customers are required to provide updated customer information on a periodic basis in order for the business relationship to continue. 354. Similar measures exist in the trust sector for BO and customer identification information of the beneficiary to be presented before settlement. It is noted that little emphasis is placed on verification of the source of wealth of the trustor the BO information on the settlor. This is attributed to the long-established history and familiarity of the clients. 355. For the investments sector, the representatives demonstrated during the interview process that there was knowledge of the need to obtain and maintain CDD information. Again, the reliance on established and long-standing relationships with their clients reduced the practice of requesting such information during the onboarding processor updated information thereafter. 356. While the insurance sector had limited emphasis on AML/CFT requirements, and based on the exclusion of general insurance business, basic customer identification documents were accepted by the companies for new business. There is no evidence of updated information being collected for ongoing customer relationships.
DNFBPs
357. Although not in all cases (such as with jewellers), most DNFBPs request basic customer identification and verification documents - such as a driver’s licence or passport - and are adequately cognisant of the requirement to carry out CDD. However, CDD measures beyond the request for basic information is rarely evident, mostly because of the general trend in TCI by financial businesses, including DNFBPs, to rely on longstanding, close client relationships, both
Mutual Evaluation Report of the Turks and Caicos Islands
│ 107
domestic and international, as sufficient to meet CDD requirements. Furthermore, real estate agents persist in the view that CDD is not within their purview and is the responsibility of banks and attorneys associated with the transactions in question. 358. While relying on entrenched client relationships is useful to a certain extent, the downside is that it limits the sector’s ability to comply with AML/CFT requirements to identify and understand customer risks. This deficiency resonates at even greater levels in situations where DNFBPs chose to vicariously rely on their referrals’ relationships with the referred customers, practices which are evident in the real estate and legal sectors. 359. Because of operational impracticalities, the casino sector conducts CDD in limited circumstances, for example where a customer requests a credit facility over USD 10,000. CDD in this specific situation is limited to identification particulars and information on source of funds, such as salary slips and bank statements. CDD information is verified in some instances using online background check systems. Verification is also done on those customers who transfer funds to their accounts at the casino, prior to their arrival in TCI. Reliance on established customer relationships as a mean to satisfy CDD is also practiced by the casino. For the remainder of the gaming sector (which although not covered under the FATF standard has been brought under the TCI’s AML/CFT regime recently because of the ML risks the sector poses), no evidence was put forth to demonstrate that adequate CDD and record keeping requirements were being carried out. 360. Although there is some understanding among DNFBPs that they should refuse client business if the CDD process cannot be completed, there is no strict compliance with this obligation, given the general custom to view longstanding client relationships as adequate to satisfy CDD requirements, i.e. relying on established relationships, whether directly or indirectly, prevents an assessment of whether such business relationships ought to have been refused or discontinued. None of the interviewed DNFBP representatives exhibited any consideration of treating the refused business, if occurred, as suspicious for ML/TF and filing a STR. 361. Conducting or restricting CDD based mainly on close client relationships also meant that DNFBPs were not always complying with national requirements to identify and verify BO information. Compounding this deficiency is the limited understanding the sector has of what constitutes a BO, which is generally understood in terms of legal ownership, and in one case was also defined as the proprietor of a company. None of the DNFBPs interviewed exhibited any appreciation of a BO within the context of a person exerting control or decisive influence. 362. The recent legislative amendments to correct deficiencies in the requirements on CDD and recordkeeping also meant that previously, the DNFBP sector was not only not required to satisfy those requirements but were not complying with CDD/recordkeeping standards in keeping with the FATF Recommendations. CDD deficiencies in the sector is also indicative of non-compliance or equivalent deficiencies in record keeping requirements.
5.1.4. Application of EDD measures (a) PEPs
FIs
363. There is a common view across all FIs that PEPs constituted only local politicians and their immediate family members. There was little inclination to suggest that the sectors’ understanding of PEPs extended to close associates of these individuals, top civil servants, domestic persons holding top positions in international organisations or international PEPs. The sectors also had
Mutual Evaluation Report of the Turks and Caicos Islands
108 │
marginal understanding of the EDD requirements for PEPs. Based on the representations made by FIs, most did not have any additional enhanced CDD measures for PEPs. 364. In higher risk cases, the banking institutions would apply EDD measures to gather more information to verify customer identity and to understand the nature and purpose of the business relationship or transaction. In addition, the usual screening checks with due diligence engines are utilised to obtain additional information. Potential clients are checked against sanctions lists for matches. If the resulting information was deemed unsatisfactory or if additional information was not presented, the business was refused by the banking institution. 365. The trusts, investment and insurance sectors do not perform EDD measures. The trusts and investment sectors consider that there is no need for EDD given the low risk associated as their clients were well known and the business relationship was long standing. Given the low risk associated with the insurance sector, similarly, EDD measures were not applied. 366. Generally, there was no application of EDD measures by the other FIs in the jurisdiction or any indication that business was refused if there was any uncertainty relating to the business. DNFBPs 367. There is a general awareness among the DNFBPs of what constitutes a PEP and the requirements for these customers. However, PEPs are mostly understood to mean domestic politicians and their families, and not close associates, residents entrusted with prominent functions by an international organisation or foreign politicians, which raises question about the sector’s ability to identify these PEP types and whether requisite EDD is being conducted. DNFBPs commonly determine who is a PEP based on perceived knowledge about the customer, as in the case of domestic politicians who are fairly visible and widely known in TCI. While this approach is useful, it compromises the conduct of the requisite EDD measures and by extension the ability to identify and understand customer risk. 368. EDD measures applied by the sectors are also not to the required standard, which is in part influenced by the sectors’ limited understanding of what constitutes a PEP. Most often, EDD is not carried out in applicable circumstance or does not include source of wealth information or ongoing monitoring of the relationship. (b) Higher Risk Countries
FIs
369. Notices from the FATF and CFATF relating to higher risk countries are circulated to FIs. During the interviews, it was noted that the banking, money services, trusts and investments sectors were able to identify higher risk countries. The representatives of the banking and money services sectors are fully aware of the measures required for business with high risk jurisdictions. These institutions assured that appropriate action was taken for such business, especially wire transfers in banks. The trusts and investments sectors do not conduct business with persons in high risk jurisdictions. The insurance sector does not apply measures to deal with any business related to high risk countries. DNFBPs 370. Evidence was provided of FATF and CFATF designations being circulated to DNFBPs and the assessment team considers that some lawyers, real estate agents and accountants from international firms were able adequately identify high-risk jurisdictions to which they had applied requisite EDD measures. It is not known whether individual real estate agents not associated
Mutual Evaluation Report of the Turks and Caicos Islands
│ 109
with an agency, book-keeper type accountants, and the gaming sector in general are aware of these requirements and are satisfying them. High value dealers do not satisfy these obligations. A strong possibility therefore exists that these subsectors could be engaging in business with customers from high risk jurisdictions 371. The real estate and legal sectors are generally aware of the requirement to treat business relationships and transactions related to high-risk countries with greater scrutiny. High value dealers are not similarly aware, demonstrating little to no understanding of the requirements relating to high-risk jurisdictions. The casino sector showed a similar gap. None of these DNFBPs indicated any relationship with high-risk countries. (c) Targeted Financial Sanctions
FIs 372. The FIs are required to check potential clients against sanctions list prior to establishing business relationships. While the UN sanctions lists are gazetted and published on the FSC’s website, FIs consider that this method of dissemination is neither timely nor effective as very few FIs acknowledged accessing or utilising them. For those who reported checking clients against them, they indicated that there were no potential matches. DNFBPs 373. There is very limited knowledge of sanction lists and associated screening requirements within the DNFBP sector, with the real estate and legal sector exhibiting better awareness. Representative from the real estate sector indicated that they adopt a risk-sensitive approach and screens only high-risk customers—which limits their ability to identify potential matches. These sectors relied heavily on longstanding client relationships in lieu of conducting the requisite CDD or risk assessment, and therefore did not consistently check sanctions lists nor screen their customers against same. Micro-finance businesses, jewellers, car dealers, and the gaming sector are not aware of the UN sanctions lists or the orders and have no measures in place to screen customers. DNFBPs are also not knowledgeable of the requirement to deprive listed persons/entities of their assets nor aware of TFS implementation measures applicable under these circumstances. 374. Consequently, no matches to sanction lists have been identified in the sector. Save for a registration and renewal process that was not always complied with by all DNFBPs nor adequately enforced by the FSC, and a single thematic review conducted of the real estate sector in 2017, the sector operated for a long time without AML/CFT supervisory oversight and outreach and had not received any targeted training in TFS until one month prior to the on-site. As such DNFBPs’ abilities to comply with TFS requirements are impaired and make the sector susceptible to abuse for criminal ends. (d) New Technologies
DNFBPs
375. The assessors were not informed of any development of new technologies in the sector. Supervisors for the DNFBP sector confirmed that the sector was not exposed to any emerging technologies. However, none of the DNFBP representatives interviewed demonstrated any understanding of the requirement to apply enhanced or specific measures for new technologies. Gaps in the knowledge of AML/CFT obligations by DNFBs as well as lack of AML/CFT supervisory oversight of the sector may have contributed to this lack of understanding.
Mutual Evaluation Report of the Turks and Caicos Islands
110 │
376. DNFBPs have not been conducting any risk assessments, including that of products and services and associated technological innovations, and therefore would not have had the foundational basis upon which to determine enhanced/specific measures relating to new technologies, if they existed.
5.1.5. Reporting obligations and tipping off FIs 377. There is an overall concern about the low level of STR/SAR reporting in the TCI, which has persisted over the period under review. This low level of reporting also does not correspond to the level of risk associated with the sectors or the jurisdiction. For the period under review, there was a total of 213 STRs/SARs filed in the jurisdiction (see Chapter 3 - Table 3.4). Having identified this issue, the TCI Authorities have yet to develop an understanding of the root cause of the problem. To try and address the issue however, they have increased the level of training to assist with identifying suspicious activity. In August 2018, the Authorities delivered targeted training on suspicious activity reporting to regulated entities. Although a slight increase in the number of STRs has been reported, this is of no significance given the presence of higher risk activities in the jurisdiction. 378. The highest number of STRs filed by FIs was by domestic banks and money services businesses. In comparing the information presented in Table 3.4 (Chapter 3), it is determined that the lower level of reporting by private banks is based on the selective clientele of these institutions as opposed to the domestic banks which serve a more diverse portfolio of customers. There was no information on STRs filed by investment companies or mutual fund administrators. 379. Most of the representatives of FIs interviewed indicated that there are reporting thresholds established, USD 10,000 in most instances. For banks and MSBs that operate within a group structure, it was noted that reporting of STRs is dependent on compliance officers who operate outside of the jurisdiction or the day-to-day operations of the licensee. Notwithstanding this information, these sectors reported the highest number of STRs. It was also noted that the procedures of reporting in these organisations required a more senior level of determination of whether to report the activity and this affected the timeliness of the reports. For the banking sector, the decision to report STRs was determined by a compliance officer operating outside of the jurisdiction while for the money service business sector, this was done by an offsite compliance officer. 380. FIs are aware that tipping off a customer is prohibited. DNFBPs
381. Most of the DNFBP sector is generally aware of the requirement to file reports of suspicious activities with the FIA. It is however not readily apparent that the DNFBP representatives fully understand the obligation to also report suspicions of funds associated with TF, perhaps because it is generally presumed in TCI that the risk of TF is low - the evaluation of which is not fully developed because of gaps in the consideration of relevant information and data, such as SAR/STR filings. 382. For the period under review, lawyers filed the most STRs, although not at levels commensurate with their high vulnerabilities for ML/TF risks (see analysis on Risk Mitigating Measures, IO4). Despite the size of the real estate market and high dollar property sales to high net worth international clients, the real estate filed a total of only 4 STRs for the period under review. It is likely that the sector’s lack of understanding of its sources of risks and failure to conduct an assessment of all relevant risk factors contributed to the low filing of STRs.
Mutual Evaluation Report of the Turks and Caicos Islands
│ 111
383. The representative of the casino discussed established controls and procedures to minimise the occurrence of suspicious activities but given its international client base and high-risk domestic clientele, such as PEPs, the low filing of STRs by the casino does not appear reasonable. Car dealers and jewellers did not consider their operations to be susceptible to suspicious activities and had also never filed a SAR. The accounting has also never filed a STR, which could be attributed to the lack of relevant guidance to the sector by the FSC given its lack of information and knowledge on the extent to which these DNFBPs are engaging in services that make them susceptible to ML. This lack of specific guidance is also compounded by the fact that the sector has not been subjected to any risk-based AML/CFT monitoring. The main exception to the DNFBP sector being generally aware of the obligation to file STR are jewellers who are unaware of STR/SAR filing requirements (which include not understanding how to file an STR/SAR nor with whom to file it to). 384. Representations from the DNFBP sector also indicated that there may be gaps in understanding exactly what constitutes a suspicious transaction, and observations among some of the interviewees reveal a general unawareness to STRs. Observations from the interviews conducted with the DNFBP sector was that the August 2018 training mentioned above had not resonated at any meaningful levels with the sector, perhaps because sufficient time had not elapsed since the training to test their knowledge. There was general agreement across sectors that more training was needed in this regard. 385. DNFBPs would benefit from targeted and frequent outreach from the FSC, including sharing of specific and varied examples of suspicious activities. The conduct of workshops on suspicious activity reports filing would enhance their understanding and enable them to file quality STRs under appropriately applicable circumstances. Furthermore, greater supervisory oversight of compliance with AML/CFT requirements, including the filing of STRs, would add value in understanding the issue and developing remediation measures to address same. 386. Of all the DNFBPs interviewed, the real estate and legal sectors were the most aware of the obligations to prevent tipping off. Accountants that are part of a wider group structure are aware of the requirement, but high-value dealers were not. The extent to which these sectors effectively understand and engage in practices to avoid tipping off is not clear.
5.1.6. Internal controls and legal/regulatory requirements (e.g. financial secrecy) impeding implementation FIs
387. There is a requirement in the AML/PTF Code for all FIs (and also DNFBPs) in the TCI to maintain appropriate procedures for monitoring and testing compliance. Most of the FIs have established internal controls and procedures. The AML/CFT policies and procedures of these institutions are appropriately documented in manuals that guide day-to-day operations. These institutions are also subject to internal and external audits that examine and test their AML/CFT controls. Additionally, the appointment of a compliance officer in the FIs assists with ensuring that these controls are upheld. The banks in TCI that form part of a group have minimum AML/CFT group standards that they must also adhere to. MSBs also have internal policies, procedures and controls established by their international affiliates to ensure compliance with AML/CFT requirements. 388. The requirement for banks and MSBs that operate as part of an international group to be audited by group internal auditors provides another layer of quality assurance. There is no legal prohibition to impede internal controls or procedures of FIs in the TCI. These control measures and procedures within the banks and MSBs have been effective in ensuring a high level of
Mutual Evaluation Report of the Turks and Caicos Islands
112 │
compliance with local AML/CFT requirements. While most FIs have appointed a compliance officer within the institutions, the absence of adequate internal controls and procedures within CSPs and the trust and investment sectors has affected their level of compliance with AML/CFT requirements. DNFBPs
389. Implementation of internal controls by DNFBPs are at different levels and stages. Most real estate agents operate without guiding AML/CFT policies and procedures, do not have a money laundering reporting officer with relevant qualifications and experience, and fail to provide general governance and AML/CFT training to their staff. The Turks and Caicos Real Estate Association (TCREA) have sought to address some of these issues by commissioning a generic AML/CFT manual to be tailored by each member agency to fit their circumstances. This initiative is however not yet implemented and will not benefit agencies that are not members of TCREA. Considering the sector’s inherent ML/TF risks - which are particularly exacerbated by high levels of AML/CFT non-compliance, lack of AML/CFT supervision, and operations in an IFC - an all- encompassing approach is needed to bring the entire sector within compliance of national AML/CFT requirements. 390. Some law firms have procedures and internal controls and have appointed compliance officers to ensure implementation of those measures. ML/TF training for employees is also evident in these DNFBPs. Representatives from the accounting sector were from large international accounting firms that are generally required to implement and comply with group-wide AML/CFT policies and procedures. The extent of the application of these controls and policies was not ascertainable as the representatives spoke of them generally and did not demonstrate any experiences interacting with them. There was heavy reliance on the existence of procedures and controls rather than on their application. Smaller book-keeper type accounting firms, which made up the bulk of the sector, do not have internal systems and controls since they had not been subjected to any AML/CFT supervision. 391. The casino licensee is aware of the obligations for AML/CFT internal controls, policies and procedures and has appointed a compliance officer to oversee compliance with AML/CFT requirements, screen and train employees. Additionally, there were established controls at the casino including internal and external audit functions. It is unlikely that there are similar controls in other licensees in the gaming industry since the sector has not been subjected to AML/CFT supervision/monitoring and was only recently brought under AML/CFT regulations in August 2018. 392. Jewellers and car dealers do not have procedures for monitoring and testing compliance. Smaller DNFBPs, given the size of their businesses, are generally less sophisticated in satisfying internal control obligations, and will for example, assign the responsibility for compliance, business operations and AML/CFT training to one job position 393. There are no legal or regulatory requirements such as financial secrecy impeding the implementation of internal controls and procedures.
Overall conclusions on IO.4 394. The TCI is rated as having a Low level of effectiveness for IO.4.
Mutual Evaluation Report of the Turks and Caicos Islands
│ 113
6. SUPERVISION
Key Findings and Recommended Actions
Key Findings FIs
a) The FSC has proper licensing requirements for most FIs, including banks, trusts, MSBs, CSPs, insurance and investment companies. Fit and proper criteria are clearly set out for directors and senior management, but not for beneficial owners. b) While the FSC has demonstrated some understanding of ML risks of the banking and MSB sectors, there is an overall lack of understanding of TF risks. There is limited to no understanding of the extent of the ML/TF risks associated with PORCs and captive insurance companies. c) AML/CFT supervision of the FI sector remains inadequate, however there has been some recent increase noted in the number of onsite examinations. There has been no AML/CFT examination of the investment sector during the review period, while there were 2 on-site examinations of the domestic life insurance sector between 2014 - 2017. The banking sector has not been subjected to adequate AML/CFT supervision with only 3 on-site examinations conducted within 5 years. 3 additional examinations were scheduled for the latter part of 2018. This limited number of examinations has affected the availability of data and information relating to AML/CFT compliance by the sectors. d) Due to the recent completion of the NRA, Supervisors have not fully implemented a risk-based approach to supervision. e) While the FSC has provided some guidance and outreach to the various FIs, the level of outreach is limited. Further, the low level of compliance with STR obligations suggests that training opportunities should be more focused to achieve improvement in this area. f) While the FSC has adequate enforcement powers, it has instituted very limited enforcement action against FIs. Further, a determination could not be made of whether remedial actions were dissuasive given the low level of follow-up activity. DNFBPs
g) DNFBPs in the legal, real estate, accounting, microfinance41 and high value dealer sectors are subjected to a registration process that does not require adequate suitability and vetting information. Not all businesses/persons, such as condominium developers, that engage in real estate services are registered with the FSC. h) The licensing requirements in place for casinos are to a very good standard and include background investigations of applicants’ criminal, financial and work history and other suitability factors. Other gaming operators are subjected to less stringent licensing standards that do not require BO information.
41 Microfinance is classified as a DNFBP in the TCI.
Mutual Evaluation Report of the Turks and Caicos Islands
114 │
Licensees are not subjected to any further due diligence checks within the 10-year licence holding period. Subsequent changes in management and ownership are subjected to vetting and approval requirements, but the extent to which these measures are carried out are unclear i) ML/TF risks within the DNFBP sectors are not understood to a good extent by the supervisors. Neither the FSC nor the Gaming Inspectorate has undertaken any risk assessment of the DNFBP entities and sectors, save for a thematic review of the real estate sector, under their supervisory remit. j) The FSC and the Gaming Inspectorate have not yet undertaken risk-based monitoring/supervision of the DNFBPs under their remit. k) The DNFBP supervisors are not adequately resourced and institutionally organised to undertake AML/CFT supervision of the DNFBP sector, but both supervisors have begun efforts to address these gaps. l) The FSC has not applied any sanctions against DNFBPs. The Gaming Inspectorate is able to apply sanctions against casinos under the POCO but has never done so nor has it had the opportunity to enforce the newly enacted Gaming Control Ordinance against other gaming licensees. m) Improved compliance within the DNFBP sector as a result of supervisory activities could not be adequately determined since there has been no AML/CFT supervisory oversight of DNFBPs. n) While the FSC has delivered training and guidance on AML/CFT obligations to its regulated entities, more targeted and frequent training is needed to adequately develop their understanding of ML/TF risks and AML/CFT obligations. o) No training or guidance has been provided to the gaming sector on AML/CFT obligations and ML/TF risks. Recommended Actions FIs
a) The FSC should conduct a comprehensive ML/TF risk assessment of the investment and insurance sectors, particularly PORCs and captive insurance companies, to identify the risks associated with these sectors. b) The FSC should continue with the implementation of a regular and consistent annual schedule of on-site examinations for FIs to adequately obtain data and information relative to AML/CFT compliance of regulated entities. The FSC should also conduct regular follow-up examinations to assess the implementation of recommended actions for corrective measures. c) The FSC should conduct more frequent and targeted AML/CFT examinations of the insurance sector and commence examination of the investment sector. Further, the FSC should ensure that its supervision is conducted on a risk-based approach. d) The FSC should conduct more outreach and training activities for reporting entities, so that they get a better understanding of their AML/CFT obligations, including STRs reporting and ML/TF risks. e) The FSC should ensure that sanctions are applied to all FIs with identified areas of non-compliance and such sanctions are proportionate and dissuasive. f) Competent authorities should ensure that provision in the legislation and other available measures allows for clear fit proper criteria for beneficial owners in its licensing requirements for FIs. g) The FSC should focus its supervisory activities on assessing compliance of supervised entities with STR obligations and impose remedial actions or sanctions where relevant. h) The FSC’s AML Supervision Department should increase its resources to undertake appropriate levels of on-site and off-site supervisory actions commensurate with the risk and size of the FI and DNFBP sectors. The AML/CFT supervisory function within the FSC should also be coherently organised and centralised to facilitate a better understanding of the precise scope of functions under the remit of the AML Supervision Department, and to cultivate a supervision/monitoring framework in which the ML/TF
Mutual Evaluation Report of the Turks and Caicos Islands
│ 115
risks can be better identified, understood and addressed. The FSC should ensure that ongoing training is provided to the current and new employees in the AML Supervision Department.
DNFBPs
i) Pursuant to CDD deficiencies identified in IO.4, the FSC should ensure that DNFBP’s compliance with CDD requirements for high-risk customers is being satisfied by the sector. The FSC should similarly ensure that there is adequate compliance by DNFBPs with recordkeeping and the screening of customers against sanction list. These supervisory activities should be prioritised for the legal and real estate sectors which have been shown to be particularly vulnerable to ML/TF risks. j) The FSC should establish clear licensing/registration guidelines including fit and proper assessments of shareholders, principals and senior management for the DNFBPs under its purview, especially for the legal profession and the real estate sectors, which are particularly vulnerable for ML/TF. Subsequent changes in ownership and management of DNFBPs should be subjected to vetting and approval by the FSC. k) National AML/CFT requirements, including registration and monitoring, should be extended to condominium developers, auctioneers and any other businesses/professions that engage in unauthorised real estate services. l) The FSC should commence AML/CFT monitoring/supervision of the DNFBP sector to aid in its understanding of ML/TF risks and develop an awareness of the level of AML/CFT compliance within the sector. The legal and real estate sectors should be a priority. m) As indicated in IO4, the FSC should deliver more targeted and focused ML/TF training and guidance for the DNFBP sector that prioritises addressing gaps in CDD requirements, including those for BO and PEPs. n) The Gaming Inspectorate should assess the ML/TF risks associated with the gaming industry, including gaming machines, gaming parlours and e-gaming, conduct appropriate reviews/examinations on a risk- sensitive basis, and take steps to ensure that the industry is adequately aware of the risks identified and are properly guided on risk mitigation measures and their AML/CFT obligations. o) The Gaming Inspectorate staff should be appropriately trained in national AML/CFT requirements and obligations and to conduct risk-based supervision/monitoring of the gaming sector. p) The Gaming Inspectorate should design and deliver AML/CFT training programmes and guidance to the gaming industry to sensitise them to national AML/CFT requirements and their ML/TF risks.
395. The relevant Immediate Outcome considered and assessed in this chapter is IO.342. The Recommendations relevant for the assessment of effectiveness under this section are R.14, R. 26- 28, R.34, and R.35.
Immediate Outcome 3 (Supervision) 43
396. The Financial Services Commission (FSC) is the AML/CFT supervisor for all FIs in the TCI, including banks, businesses in the investment sector, insurance companies, MSBs, trust businesses and CSPs. For purposes of this assessment, CSPs and Trust Businesses are treated as
42 When assessing effectiveness under Immediate Outcome 3, Assessors took into consideration the risk, context and materiality of the country being assessed.
Mutual Evaluation Report of the Turks and Caicos Islands
116 │
FIs. The FSC also supervises all DNFBPs, save for those in the gaming industry, which is under the purview of the Gaming Inspectorate. 397. In examining the effectiveness of TCI’s AML/CFT supervisory framework, as outlined in Chapter 1 (Financial Sector and DNFBPs) and Chapter 5, greater importance was placed on FIs44 (see Chapter 1 - Table 1.2), in which the banking, PORCs, CSPs, money services businesses (MSBs) are weighed as most significant; the trust companies as significant and less significant for life insurance companies (domestic), captive insurance companies, investment companies and mutual funds administrators. 398. Within the DNFBP sector, the legal, real estate and gaming sector (gaming machines) are weighed as most significant in terms of risks and materiality; accounting sector and microfinance as significant; and car dealers, casinos and jewellers as less significant.
6.1.1. Licensing, registration and controls preventing criminals and associates from entering the market FIs
399. The FSC is the AML/CFT supervisor for all FIs in the TCI, including banks, businesses in the investment sector, insurance companies, MSBs, trust businesses and CSPs. These FIs are subject to strict and detailed licensing requirements that are reasonably effective at preventing criminals and their associates from entering the financial sector. Established divisions within the FSC with oversight for both prudential and AML/CFT supervision of each financial sector have responsibility for processing licensing applications. A Licensing Committee, comprising of senior managers and chaired by the FSC’s Managing Director, is the final arbiter of most applications for licences received and processed by the various regulatory divisions, which conduct the initial assessment and make recommendations on approval of licensing applications. The Committee provides an added layer of due diligence to the application process and has on occasions declined or deferred the approval of applications for lack of sufficient information or investigation at the initial stage of processing. A special subcommittee considers licences for PORCs. 400. The FSC has issued guidelines/checklists that outline the licensing procedures for most FIs. The FSC’s licensing regime includes fit and proper tests that are done both at the licensing phase and on an ongoing basis. Fit and proper tests are conducted for senior management, directors and shareholders with 10% or more voting shares of applicant entities, all of whom are required to produce notarised copies of Government-issued identification documents, character reference letters, police records and proof of address. The fit and proper assessments include among other things, the evaluation of an individuals’ professional experience and competency, education, criminal history and solvency status. Other key employees, such as Money Laundering Reporting Officers (MLROs) and Money Laundering Compliance Officers (MLCOs) are also required to provide similar information about their fitness and propriety. 401. The fitness of the above noted persons may also be fully reassessed upon receipt of an application to affect a material change, as well as where there is an allegation or suspicion of misconduct. Changes of shareholders, directors and officers of regulated entities must be submitted for approval by the FSC. Other than the shareholders noted above, fit and proper assessments are not carried out for other types of BO of an applicant entity, whether at the licensing stage or ongoing, although BO information is required as part of the application process.
44 For the purposes of this assessment, CSPs and Trust Businesses are treated as FIs and analysed under that sector in keeping the TCI’s treatment of these sectors.
Mutual Evaluation Report of the Turks and Caicos Islands
│ 117
402. The FSC monitors for unauthorised licensable activities by, among other things, conducting media surveillance, and ensuring that its Companies Registry is appropriately liaising with other relevant regulatory departments to detect businesses that may be providing financial services without a license. No breaches of licensing requirements were detected for the period under review. DNFBPs
403. Except for casinos, DNFBPs are subjected to a registration regime that is not effective in preventing criminals from holding interests in or managing entities within the sector. Lawyers, real estate agents/firms, accountants, microfinance companies and high-value dealers (car dealers and jewellers) must be registered with the FSC. These DNFBPs are also licensed by the Ministry of Finance but are not subjected to any due diligence requirements or licensing oversight by that agency. 404. Registration by the FSC does not include a fit and proper assessment of DNFBPs’ principals or senior management; applicants are only required to provide information sufficient for the FSC to identify and verify the identity of directors, MLRO/MLCO, and owners, including beneficial owners. No independent verification is undertaken by the FSC. Considering, the limited entry barriers and lack of suitable vetting and qualification requirements for operators in sectors such as real estate and microfinance, the FSC’s due diligence efforts are not adequate to mitigate against these gaps. These deficiencies also present a major gap in the FSC’s registration regime for the legal profession, which, based on the on-site interviews and other information presented to the assessors, have some entities that represent a risk for ML and other criminal activities. 405. Registration captures BO and basic CDD information, but not source of wealth (SOW) and source of funds (SOF) particulars. The lack of information on SOF and SOW precludes the FSC from being able to test the legitimacy of the financial backings of operators within sectors such as car dealers (especially the smaller outfits) and microfinance businesses that require significant financial resources. Microfinance businesses45 lend money to residents (where in at least one instance the maximum is USD 50,000) but are not subjected to any limits on lending amounts and interest rates. These features, especially coupled with the lack of AML/CFT supervision, may make microfinance businesses more vulnerable to being exploited for ML. Car dealers, on the other hand, require an outlay of funds to import and maintain inventories from countries like Japan. 406. DNFBP registration is renewable every 3 years, but not all comply with this requirement nor are they sanctioned by the FSC for non-compliance. While the legal, real estate and accounting sectors are aware of the renewal process, 1 high-value dealer revealed that since registering in 2013, it had not undergone any renewals, but was subsequently informed, months prior to the on- site visit, that renewal was necessary. Another high-value dealer also represented that it was unaware of the renewal process. 407. In addition, registration is not done for all DNFBPs. Condominium developers and auctioneers are known to provide property transactions, but these persons are not registered by the FSC to provide real estate services. 408. Out of all the DNFBPs, casinos are subjected to the most stringent licensing requirements, which include a two-tiered process—whereby due diligence and recommendations for approval
45 While under the FATF standards, microfinances are FIs, the FSC has taken the decision to treat them as DNFBPs and has advised that they will continue to do so until they have had the opportunity to properly assess the sector to determine whether there are any factors justifying treating them as FIs.
Mutual Evaluation Report of the Turks and Caicos Islands
118 │
is the remit of the Gaming Inspectorate and final approval is vested with the Board of Commissioners—that ensures suitably vetted persons operate casinos. 409. Casinos and other businesses in the gaming sector are licensed and regulated by the Gaming Inspectorate. A gaming licence is issued for 10 years and remains valid within this period even if the operations of the entity have ceased. The gaming operator cannot transfer the permission to operate a gaming operation. Currently, the Gaming Inspectorate licenses 678 Gaming machines, including 535 active gaming machines and 143 non-active gaming machines. The Inspectorate currently oversees 2 casinos (1 of which has been inactive), 8 gaming slot parlours and numerous bar machine operations. 410. Applicants for casino licenses are required to complete an application providing information, and the necessary evidentiary support, on CDD (e.g. BO information); work experiences; financial history (including banking information for 10 years, source of funds, tax returns, etc.); and criminal backgrounds. This information is subjected to further investigation that includes financial audit and suitability and criminal background checks, which are conducted through local and international agencies, including the RTCIPF, FBI, INTERPOL and private auditing companies. Background investigation includes the applicant’s family members and affiliated businesses. The due diligence process is extensive and typically takes between 3 to 6 months to complete. While the law requires management of the casino to complete the licensing application as well, there is no indication that these persons are subjected to the level of due diligence scrutiny detailed above. Notwithstanding the apparent rigor of the licensing process, an independent report of the gaming industry, commissioned by the Ministry of Tourism, Environment, Heritage, Culture and Gaming, found that the sector is still at a great risk of being infiltrated by criminals, particularly because of weaknesses in the regulatory framework for the gaming sector and inadequate supervisory resources. The newly enacted Gaming Control Ordinance is expected to address some of these gaps. 411. Slot machines owners, slot parlours and other gaming operators are required to be licensed, but the process is not as rigorous as that required for casinos. BO information is not required, but a police record and proof of ownership of gaming machines is required. No information was provided indicating that these requirements are applicable to the managers of these categories of licensees. Subsequent changes in ownership or management requires application, consent of the licensee and approval of the Governor who must be satisfied of such person’s character. The extent of the vetting measures carried under these circumstances is however not clear. 412. The lack of AML/CFT oversight of the DNFBP sector within the 2014-2018 period by the FSC limits its ability to detect breaches of registration requirements. However, the FSC indicated that it uses several other mechanisms to detect registration breaches, including surveying the media and leveraging its relationship with the business licensing unit (BLU) at the Ministry of Finance, which is said to require valid registration certificates from DFNBPs prior to licensing them. 413. Since the FSC does not maintain statistics on breaches of registration requirements, the assessors were unable to test whether these measures have been effective in identifying violations of the registration requirements. Furthermore, it does not seem likely that the FSC would be effective at detecting registration breaches through its relationship with the BLU, at least in the case of the high value dealers that explained that they carried out business for approximately 5 years before being required to renew their registration as DNFBPs, had not renewed their registration but still obtained licenses from the BLU.. For the period under review however, the FSC became aware of an unregistered entity (whose business strongly connoted the conduct of financial services business) that was providing DNFBP activity. Following discussions, the entity registered with the FSC as a DNFBP albeit with no sanction for its breach.
Mutual Evaluation Report of the Turks and Caicos Islands
│ 119
414. For the gaming industry, the authorities have not demonstrated that there is any mechanism in place to detect breaches of licensing requirements.
6.1.2. Supervisors’ understanding and identification of ML/TF risks FIs
415. The FSC’s understanding of ML/TF risks within the FI sector is largely predicated on the NRA, which in many instances, does not fully analyse and support assessment of the risks in the financial sectors with regulatory, supervisory and investigative data and information. Information from LEAs and other competent authorities that could have helped the FSC in broadening its understanding of ML/TF risks within the FI sector has been very limited. For the review period, only 1 typology has been produced by the FIA that addresses FIs. STR/SAR filing is also low among FIs and therefore provided limited value to an understanding of ML/TF risks in the sector. Limited AML/CFT examinations also impacted the FSC’s awareness of risks in the FI sectors. While the NRA recognises TCI’s vulnerability as an IFC to exploitation by criminal interests and the financial sector’s exposure to such risk, it did not conduct a full and meaningful assessment of such risks. 416. FIs in the CSP, banking and trust business sectors were rated as having the greatest risks for ML/TF. CSPs, more than any other FIs, have been subjected to greater supervisory oversight by the FSC, which has improved the supervisor’s awareness of risks. Identification and assessment of risks in the sector were also based on inherent risks associated with the sector and risk assessments conducted by various CSPs. Deficiencies identified in the CSP sector by the FSC include the failure by entities (within a common ownership arrangement with trust businesses and the legal profession) to conduct required CDD and other client on-boarding activities and failure to effectively monitor client transactions. These deficiencies when coupled with CSPs’ incorporation of international companies operating outside of TCI’s AML/CFT regime and low levels of AML/CFT compliance could heighten the risk profiles of CSPs. 417. For the banking sector, the identification and assessment of risk was largely based on TCI’s status as an IFC and international requests that involved banks. Given this recognition by the authorities and the fact that for the review period, no examination of banks had been carried out until in 2018, a comprehensive evaluation of the various risk factors (e.g. customer, geography, transactions, products, etc.) would have been useful in deepening the understanding of risks, especially in the domestic context. 418. The FSC is aware of the inherent risks to the trust sector. The trust businesses sector, however, should also be subjected to a comprehensive risk review, since the sector has high net worth individuals, sizable assets under management, provide quasi-banking services (e.g. prepaid credit cards and mortgage lending) and does not conduct adequate CDD measures. 419. The MSB Sector has been given an ML/TF risk rating of medium since the majority of the business consists of outbound remittances. Given the perceived risk of the MSB sector being used for the illicit movement of funds, the sector in TCI has suffered from de-risking by banks in the jurisdiction. This action and the resulting activities may not, however support the medium rating of the sector. Also, while there was some analysis of STRs filed by the sector, there is no evidence that the results were used to inform this rating. 420. The FSC has not demonstrated adequate awareness of the risks of the investment sector. The authorities advised that since license holders of investment businesses are mostly banks and other regulated businesses, the risks to the sector are minimised. This view is however inconsistent with the lack of on-site AML/CFT supervision of the sector, the size of its assets under
Mutual Evaluation Report of the Turks and Caicos Islands
120 │
management (USD 864 million), and the fact that the sector operates within an IFC that facilitates the flow of cross-border funds on a non-face to face basis. More work needs to be done to broaden the understanding of risk in the investments sector. 421. TCI’s insurance sector comprises of both a domestic insurance and an international insurance sector. The domestic sector consists of both life insurance and general insurance (non- life), which accounted for USD 2.5 million and USD 32 million in annual premiums respectively. AML/CFT Regulations in the TCI apply only to long term insurance business or any form of life insurance business or investment related insurance business; general insurance is not covered. The domestic sector was rated as low because of the low premiums in the life insurance sector and the TCI’s exclusion of general insurance which offer products that do not have characteristics that are attractive to criminals. This risk rating may not be reasonable however given that only 1 AML/CFT examination has been conducted and as stated in the NRA report, this factor has limited knowledge the FSC's on the level of AML/CFT compliance by the sector. 422. Better understanding of the risks in the international insurance sector is also needed since it comprises of PORCs and captive insurance businesses that account for the majority of companies formed within the TCI that operate internationally and are not subjected to AML/CFT supervision by the FSC. The FSC has however acknowledged that the ML/TF threats and vulnerabilities of the international insurance sector have not been fully evaluated and will address this gap.
DNFBPs
423. Understanding of ML/TF risks by the DNFBP supervisors is primarily based on the NRA, which though has some gaps, provided a starting point and framework for the authorities to develop better appreciation of the risks in the DNFBPs sector. 424. ML/TF risks in the real estate sector are understood at adequate levels and have been identified and assessed in both the NRA and a supplemental thematic review conducted by the FSC in the 2016-2017 period. The NRA found the sector was particularly vulnerable to being infiltrated by criminals due to a lack of entry controls, and a sales-driven culture that compromised AML/CFT compliance. The thematic review focused on ascertaining the extent to which the sector was identifying and managing high-risk clients and the adequacy of ML/TF training for persons operating within the sector. Neither requirement was adequately met by the sector. The review also identified serious gaps in the sector’s assessment of its risks, including a lack of understanding of the sources of risks and a failure to evaluate all relevant risks factors (e.g. non- face-to-face interactions with clients, and use of companies to hide BO information). 425. Notwithstanding the value of the assessments in the NRA and the thematic review, the real estate sector’s limited understanding of CDD requirements, including those relating to BOs and PEPs, as well as sanctions and associated screening requirements are ML/TF vulnerabilities that were not explored in either mechanisms. A critical gap in the real estate sector that has not been assessed is also the lack of an informed and full understanding of the geographical origins of the sector’s client base which is further compounded by CDD non-compliance in the sector. 426. Findings of the risk in the legal sector spoke generally of the specialised knowledge and expertise within the profession that makes it especially attractive to being exploited to commit crimes. A domestic review of the extent of such abuse, especially within the context of lawyers providing services to international clients, would have helped developed better understanding of the sector’s client profile, susceptibility to ML/TF abuse and gaps in CDD compliance.
Mutual Evaluation Report of the Turks and Caicos Islands
│ 121
427. The FSC’s understanding of the ML/TF risks to its other DNFBP registrants - lawyers, accountants and high value dealers (microfinance businesses, jewellers and car dealers) - is very limited. One reason for this is that the findings in the NRA on these sectors were often speculative, based on assumptions and lacked support in supervisory, regulatory, investigative and enforcement information. The other reason is that these sectors, like the real estate sectors, have never been subjected to any AML/CFT supervision, which could have helped in understanding the risks. The high-value dealers and bookkeeper-type accountants have no experience of operating in a regulated AML/CFT environment. 428. ML/TF risks in the gaming sector are understood to a fair extent by the Gaming Inspectorate and are mostly predicated on the findings of an independent report that was commissioned by the Ministry of Tourism, Environment, Heritage, Culture and Gaming. Some of the findings in the Report were reflected in the NRA, and included, among other, weaknesses in the legislative framework that hampered effective supervision and inadequate due diligence for owners and operators of gaming businesses. A critical risk identified by the Report is that the Gaming Inspectorate is unable to conduct effective regulatory oversight because it lacks sufficient power, authority and resources. Similarly, the Report concluded that there was a lack of regulatory oversight into the revenues in the gaming sector, where especially casino revenues could not be independently verified. 429. The ML/TF risks to gaming machines/slot machines articulated in the NRA were however based on assumptions and not supported by any objective data or information on the abuse of such machines by criminals. A proper assessment of the risks to the gaming sector was also limited by the lack of AML/CFT supervision of the sector and limited STRs/SARs filed with the FIA, both of which could have provided useful information on ML/TF risks for customers, products, transactions or delivery channels. 430. A major deficiency in the understanding of the ML/TF risks in the DNFBP sector is the lack of an assessment that comprehensively examines their risks within the context of TCI’s status as an IFC. Neither the FSC nor the Gaming Inspectorate has a comprehensive view of the sectors’ client base nor of their geographical origins and level of activities in TCI. This is especially critical for lawyers and real estate agents that have international clients. Also impacting the supervisors’ ability to properly and timely identify and understand risks in the DNFBP sector is the lack of AML/CFT supervisory oversight of the sector. Neither the FSC nor the Gaming Inspectorate have undertaken any on-site or offsite AML/CFT supervision of DNFBPs or conducted risk assessments of the individual entities within each of the DNFBP sectors. 431. Little to no STR filings by the sector has prevented the development of trend analysis and typologies that could be useful to an increased understanding of the sectors’ exposure to ML/TF risks. The FSC’s plans to expand AML/CFT supervision to DNFBPs and conduct thematic reviews of the legal, accounting, and high-value dealer sectors are steps in the right direction to developing greater understanding of ML/TF risks, as are similar plans underway by the Gaming Inspectorate. In any event, more work is needed to aid the development and implementation of a comprehensive risk-based approach to supervision of DNFBPs.
6.1.3. Risk-based supervision of compliance with AML/CFT requirements FIs
432. Risk-based supervision by the FSC of FIs is at an early stage. In 2014, the FSC conducted 3 on-site examinations (1 Bank and 2 CSPs), 12 in 2015 (3 MSBs and 9 CSPs), 7 in 2016 (5 CSPs, 1 Trust Company and 1 Insurance Company), 7 in 2017 (1 Trust Company, 2 MSBs and 4 CSPs), and 9 in 2018 (3 Banks; 1 Trust Company; 4 CSPs and 1 MSB). Based on the limited
Mutual Evaluation Report of the Turks and Caicos Islands
122 │
number of on-site examinations conducted during the period 2014-2017, the FSC has not been effectively able to supervise or monitor the extent to which FIs are complying with their AML/CFT requirements. During the period under review, the FSC conducted a total of 30 on-site examinations, 20 of which were CSPs and 5 were of MSBs. The decision to conduct the examinations was based on generally perceived risks associated with the sectors rather than on any specific risk assessments. 433. Following the NRA, the FSC has worked to develop its risk-based framework, including amending and finalising its RBA policy and scheduling planned AML/CFT examination of several sectors deemed medium high risk in the NRA. The selection of entities for examination however does not appear to be based on any real understanding of their specific ML/TF risks. 434. The increase in on-site examinations over the years by the FSC is commendable and it is noted that considerable effort has been made in 2018 to increase the number of compliance examinations across all sectors. It is expected that the results of these examinations will enhance the identification of those entities that are compliant with AML/CFT requirements and the FSC’s understanding of the ML/TF risks of the regulated sectors.
Table 6.2: Inspections conducted by the FSC.
Onsite examinations of Financial Institutions Year No. and Type of Institution 2014 3 (1 Bank; 2 CSPs) 2015 12 (3 MSBs; 9 CSPs) 2016 7 (5 CSPs; 1 Trust Company; 1 Insurance Company) 2017 7 (1 Trust Company; 2 MSBs; 4 CSPs) 2018 9 (3 Banks; 1 Trust Company; 4 CSPs and 1 MSB)
435. The FSC has an established AML Supervision Department with a remit to address AML/CFT matters, including conducting on-site and off-site AML/CFT examinations of all regulated sectors. The Department is not yet fully undertaking these functions because of resource constraints (there are only 4 members, namely 3 technical staff and a Director) and issues in technical capacity of the staff. Further, the AML Supervision Department has only recently started conducting AML/CFT examinations of some sectors, but at the time of the on-site interviews, it had mostly done so of the CSP sector and only as part of a joint effort with the Company Management Department. 436. The specific departments (namely Bank & Trust Department & the Insurance Department) conduct prudential examinations with some consideration of AML/CFT issues, but at the time of the on-site the assessors were informed of the intention to jointly undertake AML/CFT examinations with the AML Supervision Department. The FSC officials provided the assessors with information on the coordination of these examinations which should assist with the identification and understanding of AML/CFT compliance by the sectors. 437. A gap exists in AML/CFT supervision of the insurance sector. While general insurance business has been excluded from AML/CFT monitoring, the jurisdiction has demonstrated only
Mutual Evaluation Report of the Turks and Caicos Islands
│ 123
limited monitoring of long-term (life) insurance business. Therefore, AML/CFT compliance by the sector has not been fully assessed. Additionally, there is no supervision of the international insurance companies, which as exempt companies, operate outside of the jurisdiction and in most cases are affiliated with businesses outside of the TCI. With the absence of a supervisory regime, their compliance with AML/CFT measures is unknown. 438. The FSC has conducted on-site examinations of the MSB Sector and has determined that these entities have a satisfactory level of AML/CFT compliance. During these examinations, an assessment of AML/CFT measures implemented has revealed that some improvements are required. The follow-up examinations scheduled for 2018 are expected to indicate whether any improvements have been noted in their AML/CFT compliance. 439. The FSC has issued some examination reports to those FIs, however the level of follow-up activity to assess remedial actions to improve AML/CFT compliance has been very limited. There has been no consistency applied for follow-up processes to ensure that FIs correct the AML/CFT deficiencies identified. 440. The FSC’s current AML/CFT supervisory framework is also not conducive to a monitoring regime for the FIs sector that would allow for a centralised and coherent perspective of ML/TF risks and AML/CFT compliance in the sector. AML/CFT functions in the FSC are split among various departments and the AML Supervision Department, although designated to handle all things related to AML, does not have a clear or cohesive strategy for executing that remit. There is no clear articulation of whether the current framework would persist or of the demarcation of AML/CFT roles between the AML Supervision Department and the other departments. The precise nature, extent and effectiveness of the current collaboration between the departments is also not clear. Similarly, unclear is how the result of supervisory activities are recorded, analysed, accessed and shared between the departments to facilitate effective monitoring/supervision. DNFBPs
441. Neither the Gaming Inspectorate nor the FSC has conducted any on-site or off-site risk- based AML/CFT supervision or monitoring of DNFBPs under their remit for the period under review. The FSC’s understanding of the risks in the DNFBP sector is to a fair standard and its interaction with DNFBPs has been limited to their registration, save for the thematic review conducted of the real estate sector in 2016-2017. Prior to that time however and since the commencement of registration in 2013, the FSC had not undertaken any risk-based supervisory activity of the sector. Several compliance gaps exist in the DNFBP sector that AML/CFT supervisory oversight, was it in place, could have helped to cure or mitigate. At the time of the on-site, the FSC had not taken any supervisory activities to address the issues of DNFBPs not conducting adequate CDD measures, checking and screening against sanction lists, assessing their risks, establishing risk management systems for monitoring PEPs in keeping with AML/CFT requirements, identifying and verifying BO information, and filing STRs/SARs. 442. A Strategic objective in TCI’s National Strategy is to bring the DNFBP sector under AML/CFT monitoring/supervision. At the time of the on-site however, this had not materialised, and thematic reviews of the legal, accounting and high-value dealer sectors had not occurred, though the FSC advised that efforts are underway for the legal sector. 443. Moreover, the AML Supervision Department, with only 3 technical staff and a director, is not adequately resourced to monitor the over 134 DNFBPs, especially considering that the Department is responsible for monitoring AML/CFT compliance of over 197 NPOS and sharing in the AML/CFT’s supervisory and monitoring remit of over 90 FIs, 7,504 PORCs and 69 captive insurers.
Mutual Evaluation Report of the Turks and Caicos Islands
124 │
444. The Gaming Inspectorate at the time of the on-site was in a transition phase, and AML/CFT supervision of the gaming sector remained uncertain as the supervisor had not received any related training. Although Goal 2 of the National Strategy speaks to regulating the gaming industry, the focus of the impending Gaming Inspectorate seemed to be licensing and daily oversight of casino and the officials seemed relatively unaware of the importance of AML/CFT supervision of the sector. Further, the industry only became subjected to AML regulations in August 2018 when the AML/CFT provisions of the Gaming Control Ordinance became effective. At the conclusion of the onsite however, much of the law still remained unenforceable, including provisions relating to enforcement and sanctions. A risk-based supervisory framework is also not yet in place. The Gaming Inspectorate is not resourced or institutionally organised to undertake AML/CFT monitoring/supervision pursuant to the Gaming Control Ordinance. Efforts to address this deficiency are in train. 445. Recent amendments to the AMLR require the FSC to supervise DNFBPs on a risk-sensitive basis. A similar obligation exists for the Gaming Inspectorate but only for casinos; risk-based supervision is not required for the other licensees in the gaming industry.
6.1.4. Remedial actions and effective, proportionate, and dissuasive sanctions FIs
446. The FSC has adequate enforcement powers that allow it to institute a wide range of sanctions, including revocation of licenses, issuing directives and imposing financial penalties for breaches of AML/CFT violations. During the review period, there have been very few sanctions imposed for non-compliance with AML/CFT requirements. Where remedial actions have not been carried out by FIs in a timely manner, the FSC has issued warning letters and conditional licences, and delayed the renewal of licences. The jurisdiction has attributed the low level of sanctions to its focus on remediation of deficient controls identified during on-site examinations and communicated to FIs in examination reports. The FSC has utilised the mechanism of conditional licence approval to achieve effectiveness. Follow-up examinations have been scheduled to determine whether any improvements have been made. 447. Sanctioning and the imposition of remedial actions by the FSC is limited both in terms of frequency and the financial sectors targeted. The focus has been almost entirely CSPs. Between 2014 and August 2018, the FSC issued a total of 10 enforcement/remedial actions for AML/CFT related matters, which included 5 directives, 1 penalty notice, 1 notice of intent to revoke licence and 3 notices of intention to take disciplinary action. As 50% of these actions were instituted within 2018, some within a month of the on-site visit, sufficient time has not elapsed to test the level of effectiveness and dissuasiveness of those measures. There was however substantial compliance by the licensees with the other enforcement matters. 448. Moreover, the FSC has not issued any sanctions against FIs in the MSB, banking, investment or international insurance sectors for AML/CFT breaches. It was therefore not possible to determine the extent to which remedial actions or effective, proportionate and dissuasive sanctions are applied in these sectors.
Table 6.2. AML/CFT-Related Enforcement & Remedial Actions by the FSC (2014-2018).
Year Sector Type of Action Nature of Aggrieved Issue Total Action
Mutual Evaluation Report of the Turks and Caicos Islands
│ 125
2014 Insurance Notice of Intention to take Failure to appoint 1 Disciplinary Action and Penalty MLRO/MLCO
Notice 2015 CSP Notice of Intention to Take Failure to appoint 1 Disciplinary Action MLRO/MLCO
2016 Trust Directive Failure to implement AML Polices 1
2017 Failure to produce Business Risk CSP Notice of Intention to Revoke Assessment and implement AML License Policies
1 2018 Insurance Directive Production of AML Polices & Business Risk Assessment 6 Insurance Notice of Intention to Take Failure to Produce Business Risk Disciplinary Action Assessment & Implement AML Policies CSP Directive Production of Business Risk Assessment CSP Directive Production of AML Policies CSP Directive Production of Compliance Report CSP Notice of Intention to Take Multiple Failures to Produce Business Disciplinary Action Risk Assessment Total Action for the Period 2014-2018 10
DNFBPs
449. DNFBPs have not been subjected to any enforcement action by the FSC or the Gaming Inspectorate for breaches of AML/CFT requirements. The repeated compliance failures in the sector regarding CDD, PEPs, BO, sanction screening, for example, suggest that the application of sanctions or other remedial measures by the FSC or the Gaming Inspectorate would have been justified. 450. The Gaming Inspectorate has recently acquired legislative authority to institute sanctions against only casinos; it has no ability to sanction or carry out enforcement actions against other licensees in the gaming industry. Furthermore, provisions relating to enforcement under the Gaming Control Ordinance (2018) are not yet in force.
6.1.5. Impact of supervisory actions on compliance FIs
451. The impact of the FSC’s supervisory actions on compliance has been mostly seen in the CSP sector as it has been subjected to more AML/CFT scrutiny than any of the other FI sector. However, based on the deficiencies noted in the examination reports and representation in the NRA, the sector’s continuing low levels of AML/CFT compliance suggest that supervisory efforts may not be sufficiently robust. A persistent compliance weakness in the sector has been the lack of effective processes, procedures and controls that ensure acceptable standard of customer due diligence (particularly as it relates to monitoring client activity). Better training of persons involved in the delivery of services by CSPs is also needed. 452. AML/CFT compliance in the MSB sector has also seen improvements over the period, with one of the three MSBs in country showing demonstrable improvement in its examination assessment over a 2-year period. It is not clear however that these remedial efforts are influenced by the FSC’s efforts. On-site interviews with MSBs revealed that as part of a group structure, they
Mutual Evaluation Report of the Turks and Caicos Islands
126 │
apply group-wide AML/CFT controls and practices, which has increased in recent years in response to de-risking or the threat of same. 453. FIs in the investment, international insurance, trust businesses and banking sectors have been subjected to limited or no AML/CFT supervisory actions. It was therefore difficult to substantiate compliance improvements by these sectors as a result of supervisory efforts by the FSC. 454. The FSC has increased the number of on-site examinations to assess the level of AML/CFT compliance by regulated entities. This increased frequency is expected to heighten the awareness of FIs on the importance of AML/CFT obligations in their respective organisations. Goal 5 of the National Strategy is to effectively supervise and monitor FIs and NPOs and the FSC has been named as the lead agency in achieving this goal. It is anticipated that the scheduled on-site examinations will reveal the effectiveness of this interaction on the AML/CFT regimes in the various entities. DNFBPs
455. As indicated earlier, the extent of the FSC’s supervisory interactions with the DNFBP sector is limited to registration and a single thematic review of real estate sector. While the FSC indicated that it recommended remediation actions to the sector to address the low levels of compliance awareness identified by the review, no information was provided to show that compliance improved in the sector in response to the FSC’s recommendation and the findings in the review. Similarly, without any AML/CFT monitoring of the over 100 DNFBPs under its remit, the FSC was unable to demonstrate that it undertook AML/CFT supervisory activity that resulted in improved AML/CFT compliance by these DNFBPs for the period under review. 456. Similarly, the Gaming Inspectorate, which has never subjected the gaming industry to any AML/CFT supervision/monitoring, could not satisfy this core issue.
6.1.6. Promoting a clear understanding of AML/CFT obligations and ML/TF risks FIs 457. The FSC has issued sector specific guidance documents to all FIs which has resulted in the implementation of improved mechanisms and controls in their operations. Specialised training is however required to assist with their assessment of ML/TF risks and their understanding of the obligations under the AML/CFT legislation. This training would help to provide overall improvement of their understanding of ML/TF risks. This gap is compounded by disagreements by the trusts, investments and international insurance sectors with the ML/TF risk ratings assigned by the FSC. DNFBPs
458. Efforts by the FSC to promote understanding of AML/CFT obligations and ML/TF risks have been addressed to both the DNFBP and FI sectors. These activities have included the FSC’s annual training meetings, electronic bulletins and updates on legislative or supervisory changes, as well as seminars delivered jointly throughout the period under review on compliance and risk management. While useful for providing information on general AML/CFT topics, these training and outreach were generic in nature. The training events therefore did not provide the requisite targeted training to enhance the DNFBP sector’s understanding of AML/CFT obligations and risks — which is important considering the gap in this area (see Chapter 5 – IO.4) and the lack of AML/CFT oversight of the sector.
Mutual Evaluation Report of the Turks and Caicos Islands
│ 127
459. The sector can benefit from targeted training, guidance, and outreach from the FSC, in accordance with the sector’s request for the FSC to interface more with the private sector. The FSC has undertaken some efforts in this respect by conducting a recent training session with the real estate sector focused on assessing risks associated with their operations. The thematic reviews scheduled for the legal, accounting, and high-value dealer sectors could encourage dialogue on AML/CFT requirements. Appropriate sensitisation of the recent amendments to the AML/CFT laws is also necessary to increase knowledge of legal AML/CFT requirements. DNFBPs interviewees, such as car dealers, microfinance businesses and lawyers advised that guidance on legislative amendments could be improved. The number and passage of various pieces of legislation were challenging in maintaining awareness of new AML/CFT requirements. 460. The FSC has issued AML/CFT handbooks for the real estate, legal, accounting and high- value dealer sectors. Interviewees within these sectors were however mostly unaware of or did not use the handbooks to guide or inform compliance with AML/CFT requirements. Further, the scope and organisation of the information in the handbooks also raised questions about their utility to the DNFBP sector. The handbooks could benefit from greater coherency in their organisation. Notably, they lacked specific guidance on key ML/TF issues, including for example, the type of EDD measures applicable to PEPs; methods of identification and verification of customers within the local context; programmes on internal controls against ML/TF (auditing, employee screening and training, etc); and components of a risk-based approach. 461. The FSC has begun to undertake activities to address the inadequate level of ML/TF risk appreciation in the DNFBP sector. A thematic review was conducted of the real estate sector with more plans to continue further reviews in the sector; review of the legal sector is underway, and plans are in place to have further dialogue with the DNFBP sector on risks. In August 2018, the FSC in collaboration with the FIA conducted a seminar that, among other things, addressed conducting risk assessments generally. 462. The Gaming Inspectorate has not undertaken any outreach/awareness activities to sensitise its licensees to their AML/CFT obligations. The authority indicated however that those efforts were due to commence in November 2018.
Overall conclusions on IO.3 463. TCI is rated as having a Low level of effectiveness for IO.3.
Mutual Evaluation Report of the Turks and Caicos Islands
128 │
7. LEGAL PERSONS AND ARRANGEMENTS
Key Findings and Recommended Actions
Key Findings
a) Information on the creation and types of legal persons and legal arrangements that can be created in the TCI is publicly available. The FSC has a public register of companies and limited partnerships formed in the TCI. b) The ML/TF risks and vulnerabilities associated with companies and trusts were assessed through the NRA. The jurisdiction has a reasonable understanding on how companies, CSPs, lawyers and Professional Trustees (PTs) can be misused. The risks and vulnerabilities associated with partnerships were not assessed. c) The FSC has measures in place to mitigate the ML/FT risks identified by the TCI, to prevent the misuse of legal persons and arrangements. All companies will be subject to same requirements of filing basic and BO information with the FSC. However, CSPs and Professional Trustees have downplayed the risk associated with their sector. Overall, despite the mitigating measures in place, there are concerns about the accuracy of the information held by the CSPs. d) There is non-face to face business between exempt companies and the CSPs. CSPs depend on exempt companies to send annual returns and other records. Not all exempt companies file their annual returns with CSPs in a timely manner as such the information on some exempt companies may not be accurate. e) Some CSPs rely on CDD done by intermediaries. This increases the risk that information may not be accurate as there is no verification done by those CSPs to ensure the veracity of the information obtained from intermediaries. As it relates to PTs, because of the long-standing nature of the client relationship updating basic and BO information may not be done in a consistent manner. These 2 factors can potentially affect basic and BO information from being adequate, accurate and current. f) All competent authorities can access basic information from the FSC. The FSC has a Beneficial Ownership Register that is only accessible to the RTCIPF. However, BO information can be accessed through statutory powers from CSPs and PTs. g) There is timely access to BO information and the competent authorities have not highlighted any challenges in getting this information from either the FSC or CSPs. h) The FSC has struck companies off the register for failing to file annual returns in a timely manner. However, this is not used consistently, thus, reducing the effectiveness of the sanction. Generally, the full range of sanctions are not used where there is failure to comply with filing and record keeping requirements or obligations to keep and maintain up to date information regarding basic and BO. Directives are the favoured remedial measure.
Mutual Evaluation Report of the Turks and Caicos Islands
│ 129
Recommended Actions
a) Oversight of CSPs and PTs should be more consistent to ensure there are implementing CDD requirements and obtaining BO information (see IO 3 also). b) There should be increased outreach to CSPs and PTs to enable them to understand the ML/TF risks associated with their business. c) Measures should be put in place by the FSC to address the risks presented where CSPs and PTs use CDD information provided by intermediaries. d) The FSC is encouraged to use the full range of sanctions provided by law to ensure compliance with filing annual returns, keeping records and maintaining basic and BO information by CSPs and PTs. e) TCI should assess the risk associated with Partnerships.
464. The relevant Immediate Outcome considered and assessed in this chapter is IO.5. The Recommendations relevant for the assessment of effectiveness under this section are R.24-25.46
Immediate Outcome 5 (Legal Persons and Arrangements)
7.1.1. Overview of legal persons and legal arrangements 465. The FSC maintains central registers of all companies and limited partnerships. These Registries which are located in the FSC, are namely the Companies Registry and Limited Partnership Registry. The vast majority of legal persons in TCI are companies. The legal persons which may be created and registered in the TCI are companies and limited partnerships. Companies are created under the Companies Ordinance 2017 (CO 2017). However, at the time of the onsite there were companies that were still created under the Companies Ordinance, Cap 16:08 in existence. All companies formed under the Companies Ordinance, Cap 16:08 were required to be registered under the CO 2017 and submit the necessary documentation required for registration under the new Ordinance by December 31st, 2018. This was a voluntary process and if at the end of the period, companies were not registered they were automatically registered by the registry as is further explained in a subsequent paragraph of this report. Further, under the new Companies Ordinance, exempt companies will now be classed as ‘international companies’ and subject to the same registration and incorporation requirements as all other companies47. 466. Limited Partnerships (LLPs) are created under the Limited Partnership Ordinance while Ordinary Partnerships are created under the Partnership Ordinance and Common Law. The Companies Registry is responsible for the incorporation of legal persons under the CO 2017. As at July 2017, 99.59% of active legal persons registered on the central register were companies compared to 0.41% which were LLPs.
46 The availability of accurate and up-to-date basic and beneficial ownership information is also assessed by the OECD Global Forum on Transparency and Exchange of Information for Tax Purposes. In some cases, the findings may differ due to differences in the FATF and Global Forum’s respective methodologies, objectives and scope of the standards. 47 As a result of the Companies and Limited Partnerships (Economic Substance) Ordinance 2018, the Companies Ordinance is amended to abolish the distinction between international and domestic companies so that effective July 1, 2019 there will no longer be a class of companies called “international companies”.
Mutual Evaluation Report of the Turks and Caicos Islands
130 │
467. Legal arrangements which may be created in the TCI are trusts. Trusts can be created under the English common law or the Trust Ordinance. Only a licensed trustee in TCI can form and maintain trusts, with the exception of bare trusts. Trusts are not registered; however, the licensed trustee is regulated and supervised by the FSC. As at June 30th, 2018, the trust sector, comprising mostly ‘small boutique firms’ that provide general trust services, had USD 848.1 million of assets under management, 77% of which is held by 4 trust companies (see Chapter 1). 468. The tables below set out the type of legal persons that may be created in the TCI and the number that are within the jurisdiction. It is important to note that Table 7.1 represents the companies that could have been formed prior to 2019. The Companies Ordinance 16:08 is no longer in force and companies may only be formed under the Companies Ordinance 2017.
Table 7.1. Legal Persons in TCI – Companies.
Type of Companies Description Governing Law Number as at July 24, 2018 (with the percentage from the overall companies within the TCI) Ordinary Company – -Limited by shares Companies Ordinance 5277 permitted to do business -Limited by guarantee 16:08 (31.27%) in the TCI -Limited by guarantee with a share capital -Unlimited Domestic Company – -Limited by Shares Companies Ordinance 333 permitted to do business -Limited by Guarantee not 2017 (1.97%) in TCI authorised to issue shares -Limited by Guarantee authorised to issue shares -Unlimited authorised to issue shares -Unlimited not authorised to issue shares Exempted Company– -Limited by shares Companies Ordinance 10476 business to be conducted -Limited by guarantee 16:08 (62.08%) mainly outside TCI -Limited by guarantee with a share capital -Unlimited Foreign Exempted -Limited by shares Companies Ordinance 162 Company- this is a -Limited by guarantee 16:08 (0.96%) company that is -Limited by guarantee with continued in the TCI a share capital from another jurisdiction -Unlimited
Mutual Evaluation Report of the Turks and Caicos Islands
│ 131
Limited Life Company – -No share capital Companies Ordinance 17 this is an exempted 16:08 (0.10%) company; however, the life of the company cannot exceed 150 years International Company– -Limited by Shares Companies Ordinance 388 business to be conducted -Limited by Guarantee not 2017 (2.30%) mainly outside of the authorised to issue shares TCI, no decisions taken -Limited by Guarantee in TCI, not authorised to issue shares headquartered in TCI -Unlimited authorised to issue shares -Unlimited not authorised to issue shares Non-profit Company -No share capital Companies Ordinance 219 16:08 (1.30%) Non-profit Company -Limited by guarantee Companies Ordinance 1 authorised to issue shares 2017 (0.01%) -Limited by guarantee not authorised to issue shares. Protected Cell Company Protected Cell 2 Ordinance and (0.01%) Companies Ordinance
Table 7.2. Legal Persons in TCI – Partnerships.
Type of Partnerships Description Governing Law Number as at July 24, 2018 Limited Partnerships -Partnership with 1 or more Limited Partnership 19 general partner with Ordinance unlimited liability and 1 or more partner with limited liability Exempted Limited -Partnership with 1 or more Limited Partnership 55 Partnerships general partner with Ordinance unlimited liability and 1 or more partner with limited liability. -The business to be conducted mainly outside TCI
Mutual Evaluation Report of the Turks and Caicos Islands
132 │
Ordinary Partnership -Partnership between 2 or Partnership Ordinance Ordinary Partnerships are more entities and Common Law not a regulated sector and there is no information on the number of ordinary partnerships in existence.
7.1.2. Public availability of information on the creation and types of legal persons and arrangements 469. Information on the creation and types of legal persons and legal arrangements is found in the relevant laws. These laws that are publicly available can also be obtained through the FSC’s website at www.tcifsc.tc. This website provides public access to the relevant laws that describes the various legal persons and legal arrangements that can be created and the procedures to be followed to establish a legal person or legal arrangement. 470. Approved forms are also found on the website including forms that deal with incorporation, voluntary registration, appointment of change of directors, notice of first members and trust companies. Additionally, information on the creation both legal persons and legal arrangements can also be obtained by contacting the Registrar of Companies either by visiting the office, telephone or email. Relevant contact information is provided on the website for persons to submit emails or call the FSC.
7.1.3. Identification, assessment and understanding of ML/TF risks and vulnerabilities of legal entities 471. TCI has assessed the ML/TF risks and vulnerabilities of licensed companies through the NRA. However, there was no assessment of partnerships. The banking sector, CSPs, investment sector, trust company, gaming sector, money services sector and the insurance sector (domestic and international) were assessed. These sectors received a rating of either medium high or medium with the exception of the domestic insurance sector which received a rating of ‘low’ (see Chapter 2 - IO.1, Table 1.1). 472. In assessing the risk with legal persons, the NRA found that exempt companies, which accounted for 65% of all companies in TCI at the time of the assessment, are more susceptible to being misused than ordinary companies, which represent the 31% of the companies. The factors contributing to this vulnerability are: (1) the limited interaction or supervision with the Companies Registry and (2) exempt companies are not subject to filing information with the Registry.
473. Under the previous Companies’ Ordinance, Cap 16:08, exempt companies were only required to pay fees and file an annual compliance statement confirming that there were no changes to their operations or to information previously held. Recognising the deficiencies with exempt companies, the jurisdiction passed the CO 2017 which eliminated the distinction between exempt and ordinary companies. Therefore, all companies incorporated in the TCI are subject to
Mutual Evaluation Report of the Turks and Caicos Islands
│ 133
the same regulatory requirements. Under the CO 2017, all companies are required to file basic and BO information with the Registrar; previously exempt companies maintained this with their CSP. These filing requirements include notice of appointment and change of directors, notice and change of members and notice of beneficial owner. 474. PORCs, a subset of exempted companies is considered by the jurisdiction to be low risk. This perception of low risk was also shared by CSPs, based on the regulatory requirements to which PORCs are subject in the US. Further, every PORC has an underwriter in the US. However, while they provide annual reports, PORCs do not submit audited reports to the FSC nor the CSPs. While the sector’s ML/TF risk has been assessed as low, a comprehensive ML/TF risks assessment of PORCs would contribute to TCI’s understanding of the sector as recommended under Chapter 6. 475. CSPs were assessed as medium high. The jurisdiction determined that CSPs have the potential to be abused by criminals using legal services and company formation designed to obscure ownership. However, CSPs interviewed, downplayed this risk and considered that as CSPs were not involved in the ‘Panama Papers’, the sector should have been accorded a lower rating. However, the fact that CSPs were not complicit in the Panama Papers does not exonerate them from being exposed but rather demonstrates that there is a high probability of CSPs being used for ML/TF and other illicit activities. The FSC acknowledged that some CSPs do not have a full appreciation of their risks and where there is an appreciation it is where the business is adjunct to a law firm or accounting firm. Further, in some cases CSPs do not have the human or financial resources to mitigate the risks. Following publication of the Panama Papers, the FSC conducted an Initial Review of Licensed CSPs. Sector responses indicated that 5% had a relationship with the Panamanian Company Mossack Fonseca. These relationships no longer exist. 476. The feedback received from CSPs revealed that accounts were opened by some FIs under Panamanian companies with Mossack Fonseca however; results of the checks have shown that there are no issues with their client relationships. Because of the review, the FSC was able to ascertain that the reliance on third parties pose a higher risk. Nevertheless, as only 5% of CSPs had a relationship with the company TCI considered the risk exposure to be low. This incident has caused the FSC to reshape their on-site program to focus on the risk monitoring systems of CSPs. 477. The jurisdiction rated the trust sector as medium-high owing to the high-net worth clients. The sector was seen as vulnerable as it may be attractive to clients and criminals seeking anonymity. Also, trust can have global reach and it is possible to have settlors, trustees and beneficiaries located in different jurisdictions. Notwithstanding, the medium-high rating assigned by TCI to this sector, PTs do not have an appreciation of their risk and indicated that there is a perceived risk because TCI is a zero-tax jurisdiction. It was asserted that the risk should be lower, as PTs know their customers and know their source of funds because of the long relationship developed over the years. It was evident that there is heavy reliance placed on personal relationships with clients and not on CDD requirements. This makes legal arrangements, vulnerable in addition to the factors outlined by the jurisdiction to being misused. 478. The Legal Profession was rated as medium-high. There are 144 practising Attorneys in the TCI and 32 law firms. The specialised knowledge of legal professionals and their role in formation of companies, trust, conveyance services and operation of client account have made them vulnerable for ML. As noted in the NRA, there is evidence from local typologies that the
Mutual Evaluation Report of the Turks and Caicos Islands
134 │
threat is from individuals overseas who intend to abuse the financial system by way of leveraging the gatekeeper position of lawyers, as demonstrated in case example 7.1. The assessment team found that this sector has a better understanding of their risk and as a consequence they provided information on instances where legal professionals were misused for ML or directly involved in ML.
BOX 7.1. Case Example
In 2014 a lawyer based in the TCI, was sentenced to 14 months in prison in the US and three years of supervised release for conspiring to launder monetary instruments. The lawyer conspired to conceal and disguise the nature, location, source, ownership and control of property believed to be the proceeds of bank fraud-specifically USD 2 million dollars. The lawyer was disbarred by TCI following conviction.
479. In conjunction with the FSC and the FIA, the Bar Council has hosted training seminars on AML as well as attended sessions held by the FSC. Also, the Bar Council is currently working in collaboration with the AGC to revise the Legal Profession Ordinance by extending the disciplinary powers of the Council. The proposed revision will allow the Council to intervene via complaint or on its own investigations. Presently, the Bar Council can only intervene where a formal complaint is filed. Though the Bar Council is aware of the thematic review of the legal sector by the FSC they are not involved. Overall, the legal sector understands the risk and vulnerabilities of the sector as STRs/SARs have been filed by law firms and the Bar Council have been involved in training.
7.1.4. Mitigating measures to prevent the misuse of legal persons and arrangements 480. Measures to prevent and mitigate the misuse of legal persons and arrangements include transparency through registration and requirement to keep information updated, record keeping, obtaining and holding adequate, accurate and current basic and BO information. At the time of the on-site visit, the FSC was working on collecting and maintaining BO information as the majority of companies were already incorporated under the new Companies Ordinance. Other mitigating measures used include CDD procedures and prohibition of bearer shares and shell companies. 481. Under the CO 2017, companies are required to file with the Registrar all changes in basic and BO information within 14 days of the change. However, as all companies were not registered under the new Ordinance, the Registry did not have the beneficial ownership information on all companies registered in the TCI. This information was held by the CSPs. The significance of the registry not having BO information on all companies prior to the introduction of the CO 2017 reduces transparency in the control of legal persons. The lack of BO information has the ability to expose legal persons to misuse for illicit purposes. Conversely, the Registry having all BO information prior to 2017 would have resulted in greater transparency of company ownership and control. 482. As it relates to exempt companies, neither basic nor BO information was not available (prior to the recent change in law) in the Registry. Pursuant to the previous Companies Ordinance (Cap. 16:08) some basic information was available, namely information on directors,
Mutual Evaluation Report of the Turks and Caicos Islands
│ 135
shareholders and company history. However, exempt companies were not required to submit to the Registrar annual returns details of its members’ shareholdings or the membership, directors and officers or any changes of members, directors and officers. However, 70% of the exempted companies are PORCs; and as a part of its licensing requirements these companies must submit details of the beneficial owners, directors and officers for approval. PORCs are also required to submit for approval any changes to the beneficial owners, directors and officers of the licensees. By the end of the on-site visit, only 6% of all companies have not been registered under the new Ordinance. 483. At time of the on-site visit 549 companies had voluntarily registered under the new Ordinance. However, the FSC received applications to be registered under the new Ordinance as detailed in Table 7.3 below. To encourage the outstanding companies to register under the new Ordinance, the FSC among other things embarked on public campaigns and reduced registration fees. It should be noted that all companies that were not inactive i.e. struck off the register or dissolved were automatically registered under the new Ordinance on January 1st, 2019 and were required to meet all the filing requirements under the new Ordinance. 484. With respect to limited partnerships the Registrar must be notified within 15 days of any change.
Table 7.3. Companies that had applied to be registered under CO 2017.
Type of Number of Applications (by end of Company onsite) Ordinary 1312 Exempted 1448 Foreign Exempted 17 Limited Life 1
Table 7.4. Amount and type of companies that had not applied to be registered under the CO 2017.
Type of Number of companies that did Company not apply (by end of onsite) Ordinary 3965 Exempted 9028 Foreign Exempted 145 Limited Life 16 Non-profits 219 Protected Cells 2
485. All legal persons are registered in a central register which is accessible to the public and this is maintained by the FSC. There is no legal obligation for trusts to be registered, however PTs are registered. In order for companies to be registered all the relevant basic information documents required by the CO 2017 have to be submitted along with the payment of an incorporation fee by the registered agent. In the case of a company, the registered agent must provide the FSC with the prescribed BO information on each person who will be a registrable person.
Mutual Evaluation Report of the Turks and Caicos Islands
136 │
486. Concerning legal arrangements, PTs are required to obtain basic and BO information relating to beneficiaries, settlor, and protector of the trusts and any other natural person exercising ultimate control over the trusts and maintain it. This information is not kept in a central registry neither are trust registered in the TCI. Licensed trustees are required to apply CDD measures to their customers which enable them to obtain the relevant information. CDD is required to be done during the on boarding process. 487. Only a PT in the TCI can form and maintain trusts, with the exception of bare trusts. They are subject to the same requirements as CSPs. Further, they are required to obtain and keep BO information not only on beneficiaries but also any other natural person exercising ultimate effective control over the trust. This information is required to be accurate and current. 488. Under the previous Companies Ordinance (Cap 16:08), companies were formed by anyone including persons without a company manager or company agent license. Presently, only 6% of companies formed under the old Ordinance are maintained by unlicensed persons. However, under the new Companies Ordinance 2017, a company can only be formed by a registered agent (a CSP) who possesses a company manager or company agent license. Therefore, all companies by December 2018 must have a registered agent. 489. CSPs are regulated and supervised by the FSC and must satisfy the ‘fit and proper’ requirements before receiving a license. They are also required to perform CDD on clients and are subject to compliance visits. Additionally, they are required to do a risk assessment of their clients and must perform enhanced due diligence if necessary. Companies must provide details of its business activities, ownership and management to its CSP. Additionally, CSPs are required to notify the FSC of change in particulars of shareholdings, shareholders, directors and BO within 14 days. Further, they must keep at their registered office a beneficial ownership register, registers of directors and members or have a written record of the location where these documents are kept. 490. However, despite the mitigating measures outlined above, CSPs are still at risk of being misused. During the on-site visit, it was indicated that some CSPs rely on BO information obtained by the intermediaries. Due to this practice there is an increased risk that CSPs may have inaccurate or incomplete information. This is especially worrying as at the time of the onsite visit the majority of BO information is held by CSPs, which does not guarantee the keeping of adequate and accurate BO information. The same concern obtains with respect to exempt companies, as this is a non-face to face customer relationship where introducers are used. Further, the timely filing of annual returns with CSPs by exempt companies seems to be an issue. These vulnerabilities ultimately hinder the requirement to keep accurate and current BO information. 491. Both CSPs and PTs must lodge with the FSC beneficial ownership information on companies. The BO Register maintained by the FSC is accessible only to law enforcement. It is important to note that the FSC is not required to verify the accuracy of the information it obtains from CSPs and Professional Trustees. The Registrar indicated that the registry routinely compares what is on the general register with the BO register and this is one way of detecting discrepancies. TCI finds this method useful as the general register contains a listing and select information on all entities incorporated or registered in the TCI. Accordingly, by reconciling the beneficial ownership register against the general register, the FSC can determine whether there are gaps in the registration of entities in the BO register. According to the FSC, no discrepancies
Mutual Evaluation Report of the Turks and Caicos Islands
│ 137
have been found. Annual returns are also another mechanism used to determine the veracity of the information submitted to the Registry. 492. Case example 7.2 demonstrates the deficiency in the system and the need for the FSC to be more vigilant in mitigating the misuse of corporate vehicles48.
BOX 7.2. Case Example
During inquiries by a law firm for BO information it was discovered that the company had not filed annual returns in 3 years. Although the company was in default for 3 years it was still on the Register. Moreover, a public search showed a defunct corporate manager. It took the firm 6 months to find the new corporate manager who was able to provide the BO information.
493. Bearer shares are prohibited. All shares must be registered, and the shareholder is entered into a register of members which all companies must maintain. Nominee directors and shareholders must now disclose the identity of their nominator. This information is available to the Registrar who can make inquiries, inspect, examine and make copies of the documents. The creation of shelf companies is prohibited by the FSC. In instances where shelf companies are suspected of being formed, the CSP is notified and requested to cease formation of the company. 494. There is no requirement for partnerships to be registered by a licensed agent or for the maintenance of BO information. However, mitigating measures include information on partnerships (as required in the LPO) are required to be filed with the Registrar along with any statement filed by the partnership. This information is open to inspection by members of the public.
7.1.5. Timely access to adequate, accurate and current basic and beneficial ownership information on legal persons 495. The Registrar of Companies is responsible for the registration requirements under the CO 2017. At the time of the on-site the Registry did not have the BO information on all companies registered in the TCI. However, the Registry collects and maintains information on the membership and shareholding of Ordinary Companies and that information is available to the public. Notwithstanding the Registry not having all the BO information, competent authorities can obtain any information that is not held on the public register through statutory powers. 496. The Registrar does not have responsibility for checking the accuracy of information provided. However, the public can identify errors and bring these to the attention of the Registrar. The Registrar does conduct checks on documents filed by the companies, in order to enforce compliance with filing requirements. The Registry also compares new documents filed with what is already on the Register. Reliance is placed on the registered agents to ensure the adequacy and accuracy of basic and BO information and to keep that information current. Further, this
48 The jurisdiction has indicated that this is an unverified case which may have occurred before the current policies for striking companies off the register were put in place.
Mutual Evaluation Report of the Turks and Caicos Islands
138 │
information is to be kept at the office of the registered agent and available to competent authorities in a timely manner. 497. The effectiveness of the reliance on registered agents on ensuring BO information is accurate, adequate and current must be measured against certain factors. As already noted, the non-face-to face relationship between CSPs and exempt companies, the use of intermediaries and CSPs and PTs not fully comprehending their risks hinders access to BO information from being accurate, adequate and current. Further, the Registrar indicated that there are companies who are still on the Register that have not filed annual returns. For 2018, there are 1,513 companies that have not filed their annual returns. Further, as mentioned there has been at least 1 instance where a company was kept on the register despite not filing annul returns for 3 years. However, the jurisdiction indicated that companies were advised through the Company Law Advisor Committee (CLAC) that striking of companies would be deferred to the end of the December 31, 2018 to provide companies with an opportunity to apply for re-instatement directly to the Registrar versus through the Court. 498. Competent authorities can obtain access to basic information in the public registers. A request has to be made to the FSC. However, BO information maintained in the Registry is only accessible to the RTCIPF who must apply on the approved form indicating whether the request is normal or urgent. BO information and basic information requested by the RTCIPF during 2014-2018 were 46 requests. There is a good collaboration between the RTCIPF and the FSC where the information is given either the same day as requested or at least the day after. 499. BO information maintained by CSPs is available to competent authorities through statutory powers. The FSC can request this information using a Notice to Produce sent to licensees. The Notice to produce gives the licensee an average of 30 days to provide the information. However, this time period seems lengthy for CSPs to comply with the requests of the FSC. During the review period, the RTCIPF have made four requests to CSPs for BO information, one was done using s.3 Confidential Relationship Ordinance as the request related to a criminal investigation and the other three were done through production orders. The RTCIPF indicated that once a request is made to a CSP, the information is provided within a day. While there is no delay, thus far, in complying with the requests of the RTCIPF, a precise period should be given within which to provide information. Where the Courts are used obtain BO information it would take a few days. As indicated by the Chief Justice and Chief Magistrate as long as the application is in order, there is no delay with getting a production order. 500. As it relates to the FIA, 109 requests were made to the FSC during 2014-2018. 95 of those responses were given within 30 days, 2 within 31-60 days and 12 took 61 days or more. No reason was provided on the variance in the response times of the FSC. The FIA also made 21 requests to CSPs during the review period. All requests were responded to within 30 days. 501. The AGC and the EOIU have requested BO information from the FSC for international cooperation purposes. The AGC made 6 requests to the FSC and the response from the FSC was timely. Most requests were fulfilled within one day or the same day. The EOIU made 3 requests to the FSC and the response times were between 9-28 days. 2 requests were made to company agents and the response times were between 9-14 days. Requests are made to company agents using a Production Notice. The EOIU indicated that there is no difficulty getting BO information from companies or agents.
Mutual Evaluation Report of the Turks and Caicos Islands
│ 139
502. The IC has requested basic and BO information from the FSC. It was indicated that requests would normally be fulfilled within a week and as of 2017, the responses now average a 2-day turnaround. However, no statistics on the number of requests made whether to the FSC or licensees were provided. 503. The Customs Department made one request for BO information in 2017 to the FSC and it was received in 48 hours. Customs thought this was a long time, however the FSC indicated that there was a queue. Customs stated that the matter was urgent and the FSC facilitated the request promptly. 504. Overall, the competent authorities considered access to basic and BO information to be timely and this conclusion is also shared by the assessment team. However, with respect to BO information requested by the FIA there is some delay by the FSC in responding.
7.1.6. Timely access to adequate, accurate and current basic and beneficial ownership information on legal arrangements 505. Legal arrangements including PTs are required to obtain basic and BO information. They must also keep up-to-date information on their customers, including identification information and keep records of the verification documents obtained to verify customer identification information for a minimum of 5 years. 506. However, the risk associated with trust is downplayed as Professional Trustees indicated that they are selective in their clientele. Clients are mostly from the TCI, USA, Canada and UK. They do not take on board clients from high-risk jurisdictions and their clientele is not a growing one. In some cases, the controls for acquiring or verifying basic and BO information are inadequate, as these can include the acquisition of information based on personal relationships, as it was indicated that they have known the beneficiaries from since they were children. Further, the trusts have been in existence for a long time. These factors may potentially adversely affect the accuracy of the information held by trustees as they may be negligent in their due diligence requirements and rely on ‘personal relationship’ with their clients. 507. The FSC indicated that it ensures the information held by trustees is adequate, accurate and current through compliance visits where the FSC has access to the information. As it relates to access to the information held by trustees this can only be done through a court order by law enforcement authorities. Competent authorities did not indicate whether they have requested any basic or BO information from Professional Trustees.
7.1.7. Effectiveness, proportionality and dissuasiveness of sanctions 508. There are sanctions provided under the Financial Services Commission Ordinance (FSCO) for failure to comply with information requirements relevant to basic and BO information (see criterion 24.14 – TC Annex). 509. The Registry has imposed late filing fees for failure to file records in the stipulated time. The imposition of late fees is considered to be dissuasive by the FSC since companies do not want to be struck off the Register. Table 7.5 below shows the amount of fines per company type for the years 2015-2018.
Mutual Evaluation Report of the Turks and Caicos Islands
140 │
Table 7.5. Fines (amount in USD) 49
Company Type Mar 13, 2015 - 2016 2017 2018 (to September) Dec 31, 2015 Ordinary 113,600.00 116,900.00 115,350.00 95,900.00 Exempted 83,550.00 96,600.00 108,300.00 48,200.00 Total 197,150.00 213,500.00 223,650.00 144,100.00
510. In some circumstances where annual returns have not been filed, the FSC struck off the company. However, the administration of sanctions is not automatic as licensees are given time to comply with shortcomings. Directives are often preferred by the FSC than the use of sanctions. Where a directive is given the licensee has 5 - 60 days, depending on the quality and complexity of information to satisfy the directive. Licensees, according to the FSC, generally rectify the identified breach within the timeline provided and as such the process stops at that point in most instances. For 2018, 1513 companies have not filed their annual returns. However, only 129 of those companies have been struck off the Register (see table below).
Table 7.6. Companies struck off the register for failure to file annual returns.
Type of Company 2014 2015 2016 2017 2018* Ordinary 498 266 239 304 37 Exempted 971 647 1368 192 91 Foreign Exempted 3 8 31 2 1 Non-Profit - - 3 - - Foreign Ordinary 3 4 - - - Total 1475 925 1641 498 129 *January to August 2018
511. The rationale for the exempt companies that were removed from the company registry being so high in 2016 is due to the Registrar undertaking a general cleaning of the registers. Companies that did not meet the March 31st, 2019 deadline to file annual returns and pay annual fees and did not respond to the notice of intention to strike, were then struck. Given that more than 70% of TCI companies were exempted companies the proportion of exempted to other types of companies that were struck was higher. In conclusion, TCI has not applied the wide range of sanctions provided under the law.
Overall conclusions on IO.5 512. TCI is rated as having a moderate level of effectiveness for IO.5.
49 The TCI did not provide any data regarding fines for 2014.
Mutual Evaluation Report of the Turks and Caicos Islands
│ 141
8. INTERNATIONAL COOPERATION
Key Findings and Recommended Actions
Key Findings
a) TCI provides a wide range of international cooperation, including mutual legal assistance (MLA) for a number of matters including tax and other forms of international cooperation. The jurisdiction is able to identify, restraint and confiscate assets on behalf of a foreign jurisdiction. b) The TCI has a robust legal system in place governing extradition (see Rec 39). During the period 2014- 2018 there has been one extradition request and this request has not been granted because of delays on the part of the TCI. The TCI has not requested extradition from another jurisdiction during the period under review. c) TCI has not consistently sought legal assistance from foreign jurisdictions to assist with ML, predicate offences and TF cases with transnational elements. d) Only the FIA and FCU have sought international assistance from their foreign counterparts. e) The FIA has provided assistance (including spontaneous) however not all assistance has been timely. The Agency has a case management system, but it is not checked on a timely basis. The Agency has received positive feedback on the assistance provided. f) The FCU has provided assistance but to a limited degree. Also, the FSC has provided assistance to its foreign counterparts and this is generally on a timely basis. g) Competent authorities have cooperated and exchanged basic and BO information on legal persons. h) The authorities that provide international cooperation, namely the AGC, Chief Magistrate, the Governor, FCU, FIA and FSC have case management systems. Only the FIA has a system that enables them to monitor and ensure the timeliness of requests. However, this system is not effectively used by the FIA as there has been delayed in responses to requests. Apart from the FIA, the other competent authorities do not use criteria to prioritise requests. i) There is engagement and cooperation between local authorities to fulfil international requests. Recommended Actions
a) The authorities should use all available channels and proactively seek international assistance for ML, TF and related predicate offences matters. b) Competent authorities should be provided with resources to develop case management systems to be utilised by the relevant authorities to properly manage incoming and outgoing cases and ensure timely assistance. c) Criteria should be developed for the prioritisation of requests. d) FIA should effectively use their case management system by checking the system more frequently to keep track of requests.
513. The relevant Immediate Outcome considered and assessed in this chapter is IO.2. The Recommendations relevant for the assessment of effectiveness under this section are R. 36-40.
Mutual Evaluation Report of the Turks and Caicos Islands
142 │
Immediate Outcome 2 (International Cooperation)
8.1.1. Providing constructive and timely MLA and extradition (a) Mutual Legal Assistance 514. The Office of the Chief Magistrate is the Central Authority for MLA requests under the MLAT between the UK, on behalf of the TCI, and the USA. MLA requests come to the Chief Magistrate in 2 forms. The first is by email from the US Department of Justice (DOJ) and a response would be given on the same day. The second is by courier, which is addressed to the Chief Magistrate. Generally, acknowledgment is given within 24 hours of receipt. The current Chief Magistrate came into office in 2016 and only has records for matters during her tenure. At the end of the on-site visit, only 1 MLA request was ongoing, and it involved obtaining a production order at that time. With respect to this request, the request for registration of the forfeiture order was complete. However, TCI is in the process of enforcing the order and gathering the assets. Further, a supplemental request was made as there was a mistake in the original request. 515. Letters of Request (LoR) go to the AGC and are dealt with by the AG through the International Division. For the period under review, 8 LoR were received dealing with production of documents, bank account information, taking of evidence, evidence pursuant to corruption investigation, restraint of funds, interview of persons and acquisition of information to be used as evidence. 3 LoRs were not completed. A request received in 2016 could not be completed because the bank account, the subject of the request, was not held in the TCI. The Requesting Country was advised to provide further information and they have not signalled an intention to proceed despite a request for an update on the matter by the TCI. Another request from 2016 could not be fulfilled due to on-going prosecution and possible prejudice to the trials. However, requests for updates have been provided and information will be provided once the trial is completed. Finally, a request in 2018 was partly fulfilled. The Court refused to grant the order for customer information on the basis that it was not satisfied that the application could be made as certain procedural matters were not in place. The Requesting Country was advised accordingly and will be making a supplemental request. 516. Overall, the jurisdiction has provided information and assistance when requested. In instances where the jurisdiction did not have the information, this has been communicated in a timely manner. For example, in 2016, a request was received in Portuguese and an English translation was requested from the requesting jurisdiction. The translation was received one week later and upon review it was determined that the information was not in the jurisdiction. The requesting jurisdiction was advised accordingly. In some cases, partial responses were provided, for example, in 2018 with a LoR, a jurisdiction requested several pieces of information. The AGC gathered information from several local departments and information was sent to the requesting country as it became available considering the urgency of the matter. Further, although most requests come from the US, the jurisdiction can apply the principle of reciprocity. This was done in 2014, where Canada sent a letter of request for certified copies of registration records (BO information) for a number of companies. Overall, the appropriate provision of information, demonstrates that the jurisdiction is willing to provide assistance once provided by law. 517. Some of the requests have been provided in a timely manner, however, some requests were fulfilled longer than the 30 days designated as the time within which information is
Mutual Evaluation Report of the Turks and Caicos Islands
│ 143
provided. This delay is significant considering the small number of requests received by TCI. These exceptional cases occurred due to external circumstances. In 1 case, the delay included undelivered communication and in the other, the request did not fulfil the legal requirements to be delivered. 518. In cases of undelivered communication, TCI indicated that these situations are dealt by carrying out a search in the incoming mail books and email accounts of the relevant officials to see if the request can be located. If the request cannot be located, the requesting country is asked to submit another request. By way of example, a LoR from 2016 took over 2 years to be competed. Although various follow-up actions were taken to address the requirement, the delay occurred fundamentally, because there was a breakdown in communication with the requesting country owing to hurricanes (see Chapter 1 - Background and other Contextual Factors). In this case, TCI contacted the requesting country so that assistance could be provided. Also, the LOR request received by TCI in 2017 was delayed due to the hurricanes of September 2017. As a result, the requested information as not submitted to the requesting country until January 2018. Another request in 2014 was also delayed, as the application for a production order had to be adjourned as the request was not made by a Court as required under the EPOJO. 519. Further, in 2016 a LOR requesting assistance with service took 274 days to be completed as a result of difficult encountered in serving documents on a person. The person was no longer living in the TCI and an affidavit in respect of inability to locate the person was sent to the requesting country in 2017. Table 8.1. LoR/MLAT requests (including supplemental requests). Year of Total Jurisdiction Status Turnover Type of Request request Request time* 2014 1 Canada Completed 368 LoR 2015 1 USA Completed 2 MLAT 2016 7 Portugal Completed 4 LoR
Netherlands Completed 832 LoR Jamaica Completed 92 LoR Czech Republic Pending (information to be - LoR provided after completion of trial) USA Completed 29 MLAT USA Completed 274 MLAT USA On-going (latest request for - MLAT production order in process) 2017 1 Argentina Completed 289 LoR 2018 2 Guernsey Completed 59 LoR
Jamaica Partially completed 59 LoR *Turnover time in days
Mutual Evaluation Report of the Turks and Caicos Islands
144 │
520. The time for processing an MLA requests, also varies depending on the type of request. During the period under review, there have been requests for information on companies which were received in a timely manner from the FSC. These requests were provided to the AGC in less than a week. Restraint orders are generally completed within 7 days of receipt of the request. Applications involving production orders took a month or more from the date of the request to the date when the documents are produced. Where requests involved searches of records and the use of multiple agencies, it has taken up to 1 year. In cases involving examination of a witness, there were a number of delays due to communication issues, the need for additional information and impact of infrastructure damage from hurricanes.
Table 8.2. Type of requests for MLAT and LoR. Type of assistance requested 2014 2015 2016 2017 2018 Total Information on companies 1 - 1 - 1 3 Restraint of funds - 1 - - - 1 Forfeiture order /service of forfeiture order - - 3 - - 3 Bank account information - - 1 - 1 2 Taking of evidence/Request for evidence - - 2 - - 2 Production of Documents - - - 1 - 1
521. The MLA provided has allowed the jurisdiction to assist in a number of cases against persons who were suspected of committing crimes and hiding their proceeds in the TCI. Dual criminality is required, but the conduct underlying the offence, rather than the terms in which it is expressed in the legislation of the requesting country is considered when determining whether dual criminality exists.
Table 8.3. Type of offences for MLA and LoR.
Offences relating to the requests 2014 2015 2016 2017 2018 Total Money laundering 1 1 4 1 1 8 Fraud/fraud related offences 1 1 2 - 2 6 Bribe - - 1 - - 1 Tax evasion - - - 1 - 1 Arms trafficking - - - - 1 1 Extortion - - - - 1 1 Aggravated swindling - - 1 - - 1
Mutual Evaluation Report of the Turks and Caicos Islands
│ 145
(b) Extradition
522. The Governor is the competent authority responsible for extradition. The TCI through the Extradition Act 2003 (Overseas Territories) Order 2016, which extends the provisions of the UK Extradition Act 2003, can facilitate extradition requests. Where a jurisdiction wishes to activate extradition proceedings, these requests must go through the Foreign and Commonwealth Office (FCO). The FCO would then forward the request to the Governor along with any accompanying instructions or information. The Governor then forwards the request to the AGC to ensure that the requirements of the legislation are met. Once the AGC confirms this position, the AGC prepares a certificate for the Governor to sign. The signed certificate along with all documents is sent in a request forwarded to the ODPP for presentation to the Court. The Judge then issues an arrest warrant once it is satisfied that the conditions are met. 523. Where a person has been arrested under a provisional warrant, the legislation mandates the court to fix a date that ensures that no unnecessary delay is caused. Extradition matters are generally given priority by the courts as the request for extradition expires after a certain time. Once the extradition hearing is concluded and the court grants the request, the Governor then has 2 months to sign the extradition order. 524. The Magistrates Court deals with extradition and on appeal it goes to the Supreme Court. However, during the on-site visit, the Acting Chief Justice indicated that some matters go directly to the Supreme Court. For instance, where there is an investigation and the RTCIPF has to arrest persons in another jurisdiction, an application is made to a Judge of the Supreme Court. This process utilised by the jurisdiction does not pose any risk of delay and in fact ensures that extradition matters are prioritised by the Judiciary. 525. There has only been 1 extradition request during the period under review. The request was by the DOJ. This matter is being handled by the AGC and the order to proceed was prepared by the ODPP with a representative appearing before the Chief Magistrate. A provisional warrant was granted in 2015 but expired. In 2017, a new request was received from the US and another provisional warrant was granted. The matter is currently before the court and concerns multiple acts of fraud, conspiracy to commit ML and ML. The case has been pending for over six years. Based on the fact that the case is sub-judice and the report being a public document, the assessment team cannot go into details regarding this case. (c) Prioritisation of Extradition and MLA matters 526. The AGC has an International Division headed by the Principal Crown Counsel who is charged with processing international requests that come to the AGC. The Principal Crown Counsel is supported by 2 additional Crown Counsel. However, all Attorneys in the AGC may be asked to be involved in a matter. Guidance has been issued on MLA and extradition by the AGC. There is also the guideline document on ‘Request for Mutual Legal Assistance in the TCI’ which details the procedure and guidance for obtaining TCI’s assistance in international matters. 527. There are no criteria for prioritising requests, however cases are usually dealt with when received. Prioritising matters is based on whether the requesting country indicates that it is urgent e.g. where witnesses or funds are involved. Urgent matters are worked on immediately. However, it must be seen objectively that it is urgent. Additionally, the timeliness of dealing with the MLA matters depends on the accuracy of the information received. Extradition matters are dealt with promptly as an extradition request expires after a period of time. The AGC has indicated that
Mutual Evaluation Report of the Turks and Caicos Islands
146 │
they have encountered no delays with MLA matters in the courts. Once the AGC or another competent authority notifies the Court that it has an application concerning MLA, the Court will advise on when it can hear the application. In many cases the Court has accommodated the applications on the same day of being notified. 528. Internally there is a system of monthly reporting by the Head of the International Division to the AG that details the work of the Division. During the on-site visit, it was indicated that the level of work in the AGC does not require a sophisticated case management system. Incoming requests are scanned and stored on a legal assistance folder on the office server using an excel spread sheet. There is also a dedicated logbook which is managed by the Administrative Assistant/Receptionist who records the incoming requests. 529. There is no database used by the Chief Magistrate to store requests. However, requests are recorded in the Magistrate’s record book which only the Chief Magistrate has access to. Currently, the Court Administrator is in the process of digitising the court system. The Chief Magistrate is aware that special privacy mechanisms would be required once this project is completed. 530. Additionally, the Governor’s office has a database to track extradition and MLA requests. The database is managed by the Governor’s office assistant, who inputs and updates the data. 531. The mechanisms employed by the Competent Authorities to manage incoming and outgoing requests are suitable for logging the amount of request that the country currently receives and asks for. As indicated there has only been 1 extradition request and 12 LoR/MLA request over the review period. However, should the jurisdiction receive more requests and utilise this channel more for assistance, the current methods of managing cases would not be sufficient for the volume of requests (incoming and outgoing). A case management system that reflects deadlines and assists in prioritisation of matters is needed. (d) Engagement with local authorities 532. To handle requests, the jurisdiction involves other local authorities. Where a request involves service of documents or orders under the POCO such as production orders, customer information orders, search warrants and account monitoring orders the RTCIPF was involved by serving the order and making the application. As most of the requests received by the jurisdiction involved BO information the FSC was used to obtain this information. In other instances, the FIA was used to obtain information or intelligence on entities named in the request. Other agencies that have been used include the Customs Department, Land Registry, Civil Aviation Authority, Department of Road Safety, Department of Immigration, and Ministry of Border Control. 533. The process for sharing the requests with local authorities involves a summary of the nature of the request being sent and the specific information required from the department or agency. Where the request is sensitive, the AGC would not state the purpose but would only state that the information is needed for legal advice. This is generally the case with the Land Registry. The AGC has indicated that the Registry has dealt with matters expeditiously despite not much information given and the request is processed within 24 hours. On the other hand, LoR are fully shared with the RTCIPF and in certain circumstances with the FIA. 534. Where the request is urgent this is communicated to the local authority and given the necessary priority and deadline.
Mutual Evaluation Report of the Turks and Caicos Islands
│ 147
(e) MLA for Tax Matters 535. The EOIU is the competent authority for requests related to the exchange of information for tax purposes. Their remit in relation to MLA is to respond to requests relating to tax information. Their work is facilitated by universal tax exchange instruments and treaties namely Tax Information Exchange Agreements (TIEAs), DTA, DTC, FACTA and CRS. There is no direct taxation in the TCI therefore the agreements are not reciprocal. There is also a tier-A bilateral agreement with 20 jurisdictions. 536. Where requests are sent in hard copy, it goes directly to the Ministry of Finance and then forwarded to the Director of the Unit. If the request is sent via email, it goes directly to the Director of the Unit. Requests are dealt with as soon as they are received. The factors that determine whether assistance will be provided are whether the request has an element of tax, the form of the request, whether there is a reference to the OECD and whether the requesting country has explored all options of getting the information in its own jurisdiction. As there are few requests per year, matters are investigated immediately. 537. Production notices are used to obtain tax information of companies although the options of summons and search warrants are available. The Unit indicated that these other methods are not used because there is no challenge getting the information. They can also solicit the assistance of other jurisdictions under MLA. However, this has not been done. As it relates to automatic exchange of that the jurisdiction is an early adopter to the Common Reporting Standard (CRS) and sharing in this manner will soon commence. 538. All persons in the Unit have signed a confidentiality agreement. Requests are monitored and updated by the Head of the Unit through a simple spreadsheet. When a request comes in, an acknowledgement is given within 3 days. There is a checklist system used to determine certain key elements of the request such as the legal basis. In most cases, the request would say where the information being requested can be found. The Unit would then issue production notices to the relevant institution, the company manager and the service provider. The information would then be analysed, and a response provided. There is no fixed policy regarding response times for these requests. However, EOIU indicated that the response times are generally within 90 days. 539. All requested information was provided within the 90-day period. 540. Between the period 2014 - 2018, there were 10 requests for information related to tax matters. However, only the request from India was not completed. Further information was requested from the country to process the request, but no response was received. See table below.
Table 8.4. Requests related to Tax matters.
Year Requesting Reason for request Status Turn over time Country (days)* 2014 India Tax evasion, beneficial ownership Not completed. 37 information financial account Additional information information requested from the country, but no reply given Sweden Fraudulent invoices for services Completed 70
Mutual Evaluation Report of the Turks and Caicos Islands
148 │
not rendered Australia Criminal tax investigation, Completed 30 beneficial ownership information, financial records Australia Tax investigations, beneficial Completed 70 ownership information and financial records
Japan Tax investigation Completed 328
2015 Finland Tax investigations, beneficial Completed 185 ownership information, tax returns and company information
2016 Japan Suspected fraud Completed 65
Sweden Criminal tax investigation Completed 81
Canada Liquidation Completed 70 2017 Canada Criminal tax investigation Completed 82 2018 - - - - *counted from the date request was sent
(f) Quality of Assistance 541. As it relates to the quality of assistance, feedback is not generally provided to the jurisdiction. Therefore, it is not possible to assess the overall quality of the assistance provided. However, feedback was received for a request in 2016 where additional tax was recovered as a result of the assistance provided by the EOIU.
8.1.2. Seeking timely legal assistance to pursue domestic ML, associated predicates and TF cases with transnational elements 542. The TCI does not consistently seek legal assistance for international co-operation in an appropriate and timely manner to pursue domestic ML, associated predicate offences and TF cases which have transnational elements. During the period 2014-2017, there have been ML and associated predicate offences investigations which may have provided the opportunity for the jurisdiction to use MLA for which the jurisdiction did not do so. However, in 2014 a national was extradited from Brazil to the TCI. The request was made by the TCI in 2012 and the ruling was made by the Brazilian Courts in 2013. The TCI national, who was a former government official, was wanted for matters related to corruption, bribery, ML and other related offences. The extradited person was subsequently charged for a number of ML and corruption offences and is currently on trial. However, TCI did not elaborate on the timeliness in which the request was made.
Mutual Evaluation Report of the Turks and Caicos Islands
│ 149
543. Additionally, TCI indicated that assistance was requested from Jamaica in 2018. Another request was made to the US in relation to predicate offences. The request to the US concerned uttering forged documents and possession of forged documents. This request was sent to the United States Department of Justice (USDOJ) via courier in June 2018. An acknowledgement of the request was sent to the TCI in July 2018. However, at the time of the onsite, the TCI had not received the assistance requested.
8.1.3. Seeking other forms of international cooperation for AML/CFT purposes 544. The FIA seeks assistance from foreign FIUs and LEAs with respect to STRs/SARs, local requests made to the FIA and inquiries related to ML, TF or predicate offences. From 2014 to 2017 there were a total of 35 requests. Of these, 24 were connected to STRs/SARs received by the FIA. Others were related to asset tracking, financial intelligence, criminal intelligence and BO information. 545. To facilitate information sharing, the FIA has signed several MOUs with foreign jurisdictions including Canada, St. Vincent and the Grenadines, Jamaica, Saint Maarten, Australia, Japan, South Africa and Trinidad and Tobago. The FIA also uses the ESW to share information. 546. With respect to the FCU, requests are made through INTERPOL, ARIN-CARIB, FBI, DEA, IRS, RCMP and the Republic of Georgia Chief Prosecutor’s Office. There is also an MOU in relation to law enforcement assistance between the BOTs. 547. With respect to INTERPOL, this is used mainly where information is needed from Asian countries. Assistance was in relation to intelligence and assistance related to ML matters in 2014 (Philippines), 2015 (Hong Kong, China), 2016 (China) and 2017 (Malaysia). Requests were also sent to the FBI in 2014 regarding a subject using a TCI registered company to channel the proceeds of crime. In 2016, a request was sent to the UK authorities for assistance in a cybercrime investigation and in 2018, a request was made to ICE (US) to locate a fraud suspect. Information was also sought from the Canadian authorities via RCMP for BO information on a subject and his Canadian registered company relative to an on-going fraud investigation by the FCU in 2018. 548. The FCU also collaborates with the FIA to seek information from foreign jurisdictions. 10 requests were sent to the FIA from the FCU to get information from a foreign jurisdiction related to banking and other financial details, records of funds sent/received via money transmitters, company information and intelligence. The countries were China, Canada, Dominican Republic and the USA. However, no information was provided on the year these requests were sent. 549. The FSC has also signed MOUs with other jurisdictions including the Superintendent of Banking Panama, Cayman Islands Monetary Authority, Financial Services Commission Jamaica, Office of the Superintendent of Financial Institutions Canada, Insurance Commission of the Bahamas, Financial Services Commission of Barbados, Georgia Insurance Department and the Caribbean Regional Regulatory Authorities. There is no information on what legal assistance the FSC has sought from foreign authorities.
8.1.4. Providing other forms of international cooperation for AML/CFT purposes (a) FIA
Mutual Evaluation Report of the Turks and Caicos Islands
150 │
550. The FIA provides assistance in ML and TF investigations. During the review period they received 83 requests. It was indicated that response times varies because assistance is sought from LEAs and government agencies in responding to request. Of the 83 requests received, 57% were responded to within 30 days and the remaining 43% within 60 days or more. The main factor which contributed to a longer turnover time was due to the substantial amount of time to compile information. According to the FIA, in some cases the volume of data spanned 4-5 years. 551. A jurisdiction indicated that after requesting assistance from the FIA, a preliminary answer was only given after 78 days of receipt and to date no final answer has been provided. The FIA indicated that it was aware of the case and that a preliminary response was provided. However, they subsequently sought information from another authority for the jurisdiction but found that the additional information did not add any value to the matter. The FIA admitted that not responding was an oversight and is the exception and not the norm. There have been instances where the FIA provided regular updates to a foreign authority on the progress of obtaining information on their behalf. 552. There were also 27 intelligence reports and 13 spontaneous reports sent to foreign FIUs and foreign LEAs. According to the FIA, some of the intelligence sent resulted in arrests, charges for ML and other offences, prosecutions, restraint and forfeiture orders. 553. Requests by the FIA are managed through a spread sheet that categorises the requests according to jurisdiction. The case management system allows the FIA to keep track of requests and shows the amount of days that a request is pending. This system is managed by one officer who checks and updates the database quarterly. The Authorities should consider more frequent checks of the data base considering that there have been problems with responding to requesting jurisdictions in a timely manner.
Table 8.5. Request sent by the FIA (2014-2017).
Year Requesting Authority Spontaneous Intelligence Dissemination Dissemination 2014 FINCEN-USA 4 2 FIU-Bermuda - 2 FINTRAC-CANADA 2 3 FIU-South Africa 1 FIU-St. Kitts and Nevis - 2 FIU-UAE 1 - NCA-UK 1 2 IRS-USA 1 2 2015 RCMP 2 FIU-Gibraltar 1 - FIU-Hong Kong 1 -
FIU-Nigeria 1 -
FINCEN-USA - 2
Mutual Evaluation Report of the Turks and Caicos Islands
│ 151
IRS-USA - 2 2016 IRS-USA - 1 FINTRAC-CANADA - 1 2017 IRS-USA - 1 FIU-Trinidad and Tobago - 3 FIU-South Africa - 1 FIU-Ireland - 1 TOTAL 13 27
554. The assistance provided by the FIA has proven to be useful to the receiving jurisdictions. 1 feedback indicated that the information provided was clear, relevant and pertinent to the investigation. The following are case examples of international assistance provided by the FIA.
Box 8.1. Case Example of International Assistance provided by the FIA In 2013, the FIA received a SAR/STR from an FI regarding a prospective client who attempted to open an account but did not after the institution requested CDD information. The person however requested that the funds be made out to her attorney. The FIA discovered that the person had approximately USD 1,000,000 in trust with a local TCSP. A company owned by the person was also part of a civil lawsuit in the USA and the person had committed fraud. In 2014, the FIA sent spontaneous intelligence to FinCEN regarding the matter. In 2015, the Department of Justice (USA) submitted a request for MLA for the restraint of the assets held by the person in TCI, namely USD 998,530.93. In 2015 the FIA sent an intelligence log to the FCU for their review into possible financial crimes committed locally by the parties. In 2016 TCI received a request for the forfeiture of the restrained funds. The funds were successfully forfeited and registered in the TCI. Feedback from the USA indicated that the information provided by TCI was useful.
Mutual Evaluation Report of the Turks and Caicos Islands
152 │
Box 8.2. Case Example of International Assistance provided by the FIA In 2017, the FIA received a SAR/STR from an FI regarding a client who deposited a large number of sequential notes. As a result of the analysis conducted, the FIA sought assistance from the IRS and US Secret Services as the notes were suspected to be counterfeit. The notes were confirmed to be legitimate notes. Information was received indicating that the person deposited more sequential notes; the FIA subsequently issued a freezing notice. The FIA then disseminated an intelligence report to the RTCIPF- FCU regarding the SAR/STR received. The RTCIPF-FCU proceeded to make an application to the Court for the restraint of the funds held in the account which was approved. The FIA received an intelligence report from the IRS that the subject and partner were arrested and charged for currency smuggling at the Miami International Airport in route to the TCI.
(b) FCU 555. In 2014, the FCU worked along with the authorities in Singapore in relation to a wire fraud perpetrated on a TCI business where the proceeds of USD 92,000 were wired to an account in Singapore. Due to the FCU’s collaboration with Singapore the suspect was charged and subsequently convicted for money laundering along with other crimes. The FCU has also provided assistance to Guernsey, the FBI and RCMP in relation to BO information during the review period. However, information on the timeliness of the assistance provided by the FCU was not provided. As a BOT, the FCU/RTCIPF has direct access to the authorities in the UK. (c) FSC 556. As it relates to supervisory information, the FSC has provided assistance to several foreign authorities in relation to BO information and due diligence. The table below sets out the details of the requests received by the FSC during the period 2014-2018.
Table 8.6. Supervisory requests received by the FSC. Year Requesting Authority Number of Request Turn over time (days)
2014 Cayman Islands Monetary Authority 2 6 Bermuda Monetary Authority 3 12 US Securities Exchange Commission 1 60 2015 Cayman Island Monetary Authority 1 27
Bermuda Monetary Authority 3 65 US Securities Exchange Commission 1 240 Financial Services Board South Africa 1 34 2016 Bermuda Monetary Authority 4 34-40
Mutual Evaluation Report of the Turks and Caicos Islands
│ 153
Central Bank Barbados 1 12
Cayman Islands Monetary Authority 1 35 2017 Cayman Islands Monetary Authority 2 5-22 Bermuda Monetary Authority 6 21-35 FSC Jamaica 1 23 Malta Financial Services Authority 1 210 US Securities Exchange Commission 2 14-30 Jersey Financial Services Commission 1 7 2018 Cayman Islands Monetary Authority 1 25 Malta Financial Services Authority 1 30
557. The timeliness of the assistance provided by the FSC varies. Most requests were completed within 30 days while others took up to 60 days. However, for 2 requests, the FSC took over 200 days to respond. According to the FSC, its response to the US Securities and Exchange Commission was delayed because the original request which was submitted to the former Managing Director in 2015, was only brought to the new Managing Director’s attention in 2016. Further, the response to the Malta Financial Services Authority in 2017 was delayed due to the effects of Hurricanes Irma and Maria.
8.1.5. International exchange of basic and beneficial ownership information of legal persons and arrangements 558. The jurisdiction responds to foreign requests for co-operation in identifying and exchanging BO and basic information in relation to legal persons. The FSC provides information regarding BO directly to recognised international regulatory bodies. The FSC has provided assistance to the US Securities and Exchange Commission (2017 and 2018) and the Financial Services Board of South Africa (2015). In all 3 instances the Commission was required to issue a Notice to Produce for the provision of the required information. The Notices to produce for the request to the USA were to banks holding information while the one to South Africa was issued to a CSP. 559. The AGC has also provided BO information to requesting countries. During the period January 1st, 2014 to December 31st, 2017, all MLA have involved ascertaining the shareholding and BO of legal persons. This information was provided to the AGC for dispatch to the requesting country. Additionally, the EOIU has requested BO information to send to countries requesting tax information. Further, there were also requests from the FBI and RCMP on BO information on international companies. There has been no exchange of BO information on legal arrangements. 560. There has been limited feedback from requesting jurisdictions, therefore the relevancy and usefulness of the information provided cannot be verified. However, when requested the jurisdiction has provided the information asked for. As mentioned above, the jurisdiction made a request to RCMP for beneficial ownership information on a Canadian company in 2018. No further information was provided on whether the information was granted and its utility to local authorities. The table below represents BO requests received by the TCI for the review period.
Mutual Evaluation Report of the Turks and Caicos Islands
154 │
Table 8.7. International Beneficial Ownership Requests received*
Year Requesting Country Number of Request Total
2014 India 1 Australia 2 4 Canada 1
2015 Finland 1 1
2016 USA 2 3 Jamaica 1 2017 Canada 1 Argentina 1 3
USA 1 2018 Guernsey 1 Jamaica 1 4 Canada 1 USA 1 *Turnover time already indicated under Table 8.4
Overall conclusions on IO.2 561. TCI is rated as having achieved moderate level of effectiveness for IO.2
Mutual Evaluation Report of the Turks and Caicos Islands
│ 155
TECHNICAL COMPLIANCE ANNEX
1. This annex provides detailed analysis of the level of compliance with the FATF 40 Recommendations in their numerological order. It does not include descriptive text on the country situation or risks and is limited to the analysis of technical criteria for each Recommendation. It should be read in conjunction with the Mutual Evaluation Report (MER).
Recommendation 1 – Assessing risks and applying a risk-based approach
2. This recommendation was issued in February 2012 and is being evaluated for the first time during this mutual evaluation. R.1 requires countries to assess and apply a risk-based approach (RBA). 3. Criterion 1.1: Over a 3-year period (2014-2017), the TCI conducted its first NRA using the World Bank risk assessment methodology, which is a data-driven and analytical tool that includes modules for assessing national ML/TF threats and vulnerabilities and sectoral risks in the FIs and DNFBPs sectors. The NRA identified and assessed key risks, such as weaknesses in the supervisory framework for FIs and DNFBPs and in the investigations and prosecutions of ML/TF, facing the country. The assessment resulted in the development of a NRA report and a 2018-2019 National Strategy and National Action Plan to address and mitigate those risks. The process was a consultative exercise that included various workshops and dialogue on risks, and broad stakeholder participation from private sector constituents in FIs and DNFBPs and key public sector agencies such as the AG, FSC, ODPP, FIA, other LEAs and other members of the AMLC. (See Chapter 1 for fuller details on NRA) 4. Criterion 1.2: The AMLC is the coordinating authority for conducting ML/TF risk assessments and preparing and maintaining NRAs on ML/TF: s.116 POCO. 5. Criterion 1.3: The NRA is relatively new and was published in August 2017. The TCI authorities indicated that it will be updated periodically using the WB methodology. At its December 5, 2017 meeting, the AMLC agreed to conduct a full NRA every 3 years and undertake an interim assessment of the sectors rated medium-high risk (Banking, Corporate Service Providers, Independent Legal Professionals, and Trust Business) 2 years from 2017, the date of issue of the NRA. 6. Criterion 1.4: The NRA was published and shared with both private and public sector constituents. By an October 24, 2017 press release, the report was published on the websites of the members of the AMLC (FSC, AGC, FIA, RTCIPF and the Customs Department). In conjunction with this press release, the FSC informed various sector agencies and sector associations of the published report. 7. Criterion 1.5: The findings from the NRA will inform the TCI’s application of the risk- based approach (RBA) to ML risks identified in the NRA. The NRA contains various action to mitigate and manage those risks, including increased supervision of key sectors, increased ML/TF awareness activities and changes to laws, regulations and other measures that will be actively worked on in the coming months. In accordance with the National Action Plan issued on March 2nd, 2018 by the AMLC, TCI has begun to allocate resources and take action, at both
Mutual Evaluation Report of the Turks and Caicos Islands
156 │
national and sectoral level to address some of the issues identified in the NRA, including increasing on-site supervision of specific sectors and increasing ML/TF awareness activities. However, it does not appear that resource allocation and implementation measures to address the risks identified in the NRA are being prioritised in accordance with those posing the greatest threat to the county. Implementation of the RBA is at an early stage. 8. Criterion 1.6: Regulation 15 AMLR is identified as treating with simplified due diligence (SDD), but the language under that provision permits exempted CDD rather than SDD. Under Regulation 15, financial businesses, which include both FIs and DNFBPs, are not required to apply CDD before establishing a business relationship or carrying out an occasional transaction where it has reasonable grounds to believe the customer is a (a) regulated person, (b) a foreign regulated person, (c) a public authority in the Islands, (d) a body corporate, the securities of which are listed on a recognised stock exchange; or (e) from a sector which is assessed as low risk through the conduct of a national risk assessment. The disapplication of CDD requirements under conditions (a) to (e) were not informed by ML/TF risks assessment. 9. Also, Regulation 15 (2) excludes the application of exempted CDD to any third party for whom the customer may be acting or with respect to the beneficial owners. Similarly, Regulation 15 (3) excludes the application of exempted CDD if the financial business suspects ML/TF or the customer is located, or resides, in a country that does not apply or insufficiently applies the FATF recommendations or is subject to calls for the application of enhanced or countermeasures by FATF or other such bodies. While under Regulation 15, a business is not required to conduct CDD (prior to establishing a business relationship) where the customer is from a sector assessed as low risk by a NRA, the remaining exemptions are not based on a finding of low risk or informed by the NRA as it was conducted subsequent to the passage of Regulation 15. As well, all FIs and DNFBPs are permitted to apply the exemptions rather than a particular subset of those sectors as required by the FATF Standard. 10. The exemptions permitted under Regulation 15 are broader than that which is allowed for by the FATF Standards. Regulation 15 permits CDD exemption for Regulated Persons, which under Regulation 2 of the AMLR, means persons (i.e. corporations/body corporates) that hold a regulatory license. A regulatory license as defined under Schedule 1 of the AMLR includes licenses to operate banks, trust companies, insurance companies, company management (CSPs), mutual funds, investment companies and MSBs. Regulation 15 therefore permits FIs to not apply CDD for almost all categories of FIs, including those rated as medium or medium-high risk for ML such as banks, investment firms, trust companies, MSBs, and CSPs. 11. Criterion 1.7: The AMLR and the AML/PTF Code require all financial businesses to adopt an RBA when dealing with clients. Enhanced customer due diligence measures and enhanced ongoing monitoring to address higher ML/TF risks is required (Regulation 13 AMLR). Similarly, a financial business is required to have transaction limits and management approvals in place for higher risk customers: Paragraph 6 (1)(b) AML/PTF Code. Additionally, Paragraph 28(1) (a) - (e) AML/PTF Code describes the measures which a financial business must have in place for higher risk customers including PEPs. Paragraph 28 (2) describes a number of examples which are to be regarded as presenting a higher risk. Financial business by definition includes FIs and DNFBPs. 12. Criterion 1.8: FIs and DNFBPs are not allowed to apply simplified measures. 13. Criterion 1.9: The FSC is the supervisory authority for regulated financial businesses
Mutual Evaluation Report of the Turks and Caicos Islands
│ 157
(RFB): s. 161 (1) POCO. An RFB means a financial business that is a regulated person, which are defined as persons who holds regulatory license issued under the Banking Ordinance, Trustee Licensing Ordinance, Company Management (Licensing) Ordinance (CMLO), Mutual Fund Ordinance, Investment Dealers (Licensing) Ordinance, Insurance Ordinance and the Money Transmitters Ordinance (MTO). The FSC is also the DNFBP Supervisor (Regulation 23 AMLR). One of the FSC’s mandate is to monitor compliance with AML/CFT obligations. However, the deficiencies identified in R.26 and R.28 regarding AML/CFT supervision have a cascading effect on the extent to which this criterion is achieved. 14. Criterion 1.10: (a) A financial business is required to carry out and document its risk assessment to assess and mitigate the ML/TF risks it faces: Regulation 4 AML/PTF Code. Such assessment should take into consideration the business’s organisational structure of the financial business, its customers, the countries with which its customers are connected, the products and services it provides, delivery channels, new business practices and new developments for new and existing products and the nature and complexity of the business activities. (b) The list of considerations mentioned in the paragraph above is not exhaustive and there appears to be no provision which prevents the financial business from considering any other relevant risk factor. (c) A financial business is required to review and update its risk assessment if there are material changes to any matters noted under sub-criterion (a) above: Paragraph 4(3) AML/PTF Code. (d) A financial business is also required to have appropriate mechanisms to provide risk assessment information to competent authorities and SRBs: Regulation 4 AML/PTF Code. 15. Criterion 1.11: (a) Reg.5(2)(b) of the AML/PTF Code stipulates that it is the responsibility of the board of a financial business to establish documented policies to prevent ML and TF on the basis of the risk assessment required by Reg.4. Moreover, Reg.5(2)(c) further stipulates that the board of a financial business is responsible for ensuring that appropriate and effective AML/CFT policies, systems and controls are established, documented and implemented. The board by definition in Reg 2 is inter alia considered to be the governing authority of a body corporate. It can be therefore considered to be the body ultimately responsible for the oversight of a body corporate and therefore the policy making and ultimate decision- making authority when compared to senior management. Reg 17 of the AML R and Reg 6 of the AML/PTF Code identify the methods and types of actions to be undertaken by the financial business which are analogous to ‘procedures’ since it includes the establishment of customer acceptance policies and procedures; (b) provide for transaction limits and management approvals to be established for higher risk customers; (c) provide for the monitoring of compliance by branches and subsidiaries of the financial business both within and outside the TCI. 16. (b) The Board has the duty to assess the effectiveness of and compliance with established policies, systems and controls and promptly take action as is required to remedy any deficiencies. These responsibilities connote monitoring and enhancing the implementation of controls: Regulation 5(2)(d) AMLR. 17. (c) Regulation 13 of the AMLR and Paragraph 28(1)(a) – (e) of the AML/PTF Code satisfy this sub-criterion as described in the analysis for c.1.7. 18. Criterion 1.12: SDD is not provided for under TCI laws (see also analysis under c.1.6). 19. Criterion 1.12: Regulation 15(3) AMLR disapplies the application of SDD if the financial business suspects ML or TF or the customer is located, or resides, in a country that does not apply or insufficiently applies the FATF recommendations. While the measures for criteria
Mutual Evaluation Report of the Turks and Caicos Islands
158 │
1.10 and 1.11 are met, there are deficiencies in 1.9 which have an impact on the extent to which this criterion is achieved. Weighting and conclusions
20. The TCI has conducted an NRA to identify, assess and understand its ML/TF risk. The NRA included the participation of constituents from both the public and private sectors. Results of the NRA was publicly disseminated. There is a commitment to update such assessment and efforts are already underway in this respect. However, the RBA is in a very embryonic stage. While legislation allows businesses to not apply CDD under certain specified circumstances, these are not based on a proven low risk or are informed by the NRA. Furthermore, TCI law allows for exempted CDD where the customer is regulated entity of a sector rated as medium- high or medium risk for ML, resulting in a broader application of the standard than allowed for by FATF Standards. The rating for R.1 is Partially Compliant.
Recommendation 2 - National Cooperation and Coordination50
21. This recommendation (formerly R.31) was rated PC in the 3rd Round MER because of the limited implementation and coordination of local cooperation and efforts by the various units i.e. MLRA, SPICE or of the MOU involving Customs and Police. In the 8th FUR, TCI had fully complied with these deficiencies and the rating was upgraded to C. Recommendation 2 has new specific requirements, namely countries should have national policies which are informed by risks and the element of cooperation, exchange of information and domestic cooperation with regard to PF. 22. Criterion 2.1: The National AML/CFT Strategy is utilised by the TCI as the country’s national AML/CFT policy. The Strategy was approved by the TCI’s Cabinet in May 2018 and address in large part the ML risks identified in the 2017 NRA. It provides a roadmap for the strengthening of the AML/CFT policies within the jurisdiction over a specified timeframe. The AMLC has ultimate oversight of the implementation of the Strategy, which is actioned through the National Action Plan (NAP). Progress made on the implementation of the Strategy is an agenda item for discussions at AMLC meetings. However, the strategy has not been subjected to any reviews. 23. The Strategy forms the basis for the work carried out by the relevant authorities to address the NRA-identified risks. However, several key risks noted in the NRA are not addressed by the Strategy, such as those relating to international predicate crimes—which the TCI views as posing the most significant threat to the country. Further, although the Strategy informs various AML/CFT policies currently or in the process of formulation, such as the ODPP policies, the document itself is not representative of policies that are instructive to the general day-to-day operations and practices of the authorities. (See also Chapter 2 – IO.1, National policies to address identified ML/TF risks).
50 The FATF revised R.2 in February 2018 to ensure compatibility of AML/CFT requirements and data protection and privacy rules, and to promote domestic inter-agency information sharing among competent authorities. This evaluation does not assess TCI’s compliance with revised R.2 (C.2.5) because, at the time of the on-site visit, the FATF had not revised its assessment Methodology accordingly. TCI will be assessed for technical compliance with revised R.2 in due course in the context of its mutual evaluation follow-up process.
Mutual Evaluation Report of the Turks and Caicos Islands
│ 159
24. Criterion 2.2: The AMLC, established by s. 115 POCO, is the national AML/CFT coordination authority. It comprises the AG (who is also the Chair), the Collector of Customs, the Managing Director of the Financial Services Commission, the Commissioner of the RTCIPF, the Director of the FIA and the Director of the ODPP. The functions of the AMLC include advising the Governor on AML/CFT/PF issues, developing a national action plan, and coordinating the development and implementation of policies and activities to combat ML, TF and PF: s. 116 POCO. 25. Criterion 2.3: TCI has mechanisms in place to coordinate and implement AML/CFT policies and activities. At the policy level, the AMLC, chaired by the AG, is the principal channel through which key public stakeholders coordinate efforts respecting national AML/CFT policies. The AMLC ordinarily meets at least once per quarter or more frequently as the need arises. 26. From an operational perspective, the members of the AMLC have entered into a MOU to facilitate the exchange of information in support of the investigations or prosecutions and other operational issues relative to ML, associated predicate offences, and TF. The FIA also has similar MOUs in place with the FSC, the RTCIPF, the Customs Department, IC, and the National Insurance Board. Further, the FIA and FSC have been collaborating on AML/CFT outreach and awareness activities. Similar arrangements exist between the FIA and the FCU. In addition to the MOUs, the FIA, FSC and Customs are authorised through their enabling ordinances to put in place mechanisms that allow them to share information with other relevant authorities. There is also indication that the RTCIPF, Border Control and Customs hold joint task force meetings regarding AML/CFT matters. 27. S.115(3) POCO enables the AMLC to agree to appoint persons to assist in the performance of its functions. In this regard, the Gaming Inspectorate has been invited to attend AMLC meetings, who began to attend and participate in AMLC meeting as of 2018. The Gaming Inspectorate, though a competent authority of the gaming sector for AML/CFT purposes, is not a member of the AMLC and did not, at the time of the onsite, have a MOU in place with other authorities to facilitate cooperation and the exchange of information concerning CFT matters51. 28. Criterion 2.4: S.116(a) and (c) POCO, ascribes the AMLC with the responsibility to advise the Governor on PF matters and make recommendations concerning the development of a national action plan and implementation and the development of policies and activities to combat PF. Moreover, the deficiencies identified in c.2.3 are also relevant. Weighting and conclusions
29. The AMLC is the coordinating body for the development and implementation of national AML/CFT policies. A National AML/CFT Strategy outlining the country’s AML/CFT goals has been approved, and the agencies, in keeping with the associated National Action Plan, have begun work to implement the Strategy. The Strategy however does not address all of the risks identified in the NRA. R.2 is Largely Compliant.
51 Since the on-site, the Gaming Inspectorate has signed an MOU with the FIA and Ministry of Border Control to provide a framework for greater collaboration.
Mutual Evaluation Report of the Turks and Caicos Islands
160 │
Recommendation 3 - Money laundering offence
30. Recommendation 3 (formerly R.1 and R.2) were previously rated PC and LC respectively in TCI’s 3rd Round MER. Most of the deficiencies were remedied as a result of the enactment of new legislation and the only remaining deficiency was to incorporate provisions relating to arms trafficking. The main change for this recommendation affects countries which follow the list approach to predicate offences, due to the addition of tax crimes to the list of designated categories of offences. 31. Criterion 3.1: ML is criminalised on the basis of the Vienna Convention and the Palermo Convention. The Conventions have been extended to the TCI by the UK and have been implemented domestically by legislation. S. 124 POCO creates the offences of concealing, disguising, converting, transferring and removing criminal property in keeping with article 3 (1) (b) and article 6(1) of the Palermo Convention. As it relates to article 3 (1) (c) of the Vienna Convention, participation, assisting, publicly inducing or inciting is covered by s. 125 POCO that deals with arrangements in respect of criminal property and facilitating the activities set out in s.125 by whatever means. This is sufficient to cover these offences under the Convention. 32. Criterion 3.2: In TCI, a predicate offence is any criminal conduct. Criminal conduct is any conduct that is an offence in TCI or any conduct that would constitute an offence if it had been committed in TCI: s.5 POCO. This definition of criminal conduct is wide enough to encapsulate all offences in TCI and several of those outside the TCI can serve as a predicate crime. Additionally, drug trafficking, ML, TF, people trafficking, and arms trafficking and defrauding the public revenue and cheating the public revenue are listed as predicate offences: Schedule 1 POCO. Tax Crimes have been criminalised under S.33A Theft Ordinance criminalises the act of defrauding the Government. This section sets out that anyone who makes it an offence to knowingly defraud the government. A person who contravenes this Ordinance is liable on conviction on indictment to a fine or a term of imprisonment for seven years, or to both. It provides that a person who, with intent to defraud the Government, (a) wilfully makes, delivers or causes false or fraudulent information to be made to a person employed in the public service relating to the collection of money for the purposes of the general revenue; (b) wilfully omits information, required to be provided to a person employed in the public service relating to the collection of money for the purposes of general revenue, where required by law; or (c) wilfully obstructs, hinders, intimidates or resists a person who is employed in the public service in the collection of money for the government’s purposes of general revenue, commits an offence. The language of S.33A is broad enough to include direct and indirect taxation and would be a predicate offence in the TCI if committed abroad. 33. Criterion 3.3: TCI does not use a threshold approach but uses an all crimes approach as indicated under c.3.2. 34. Criterion 3.4: The definition of property under s.3 POCO does not specifically mention ‘assets’. However, it is comprehensive enough and covers property of every kind whether situated in TCI or elsewhere. Additionally, pursuant to s. 122 POCO, the ML offence was extended to criminal property that constitutes a person’s benefit from criminal conduct in whole or in part, whether they acquired it directly or indirectly and the alleged offender knows or suspects that it constitutes or represents such a benefit. There is no value threshold and together the definitions cover the requirement. 35. Criterion 3.5: Part III POCO deals with non-conviction based civil asset recovery. It
Mutual Evaluation Report of the Turks and Caicos Islands
│ 161
allows for recovery in civil proceedings of property obtained through unlawful conduct; s. 60 (1) POCO sets out the definition of unlawful conduct. This Part allows authorities to go after the property rather than the person. A person is not guilty of an offence when he has acquired or used or had possession of the property for adequate consideration and without knowing or suspecting that the property was criminal property (s.126 POCO). However, the criminal property is liable to be confiscated: s. 62 POCO. As the action is against the property, the person who holds the property might not be the person who carried out the unlawful conduct. 36. Criterion 3.6: Definition of criminal conduct in s.5 POCO covers predicate offences that occurred in TCI or would constitute an offence in TCI if it had occurred in the jurisdiction. 37. Criterion 3.7: The ML offence is applicable to persons who commit the predicate offence: ss. 124, 125 and 126 POCO. The offences in the foregoing sections can apply equally to a person who commits a predicate offence and carried out ML activities as well as persons who carry out ML activities without being involved in the predicate offences. 38. Criterion 3.8: Although the provisions in the TCI do not explicitly address the issue of ‘objective factual circumstances, some ML offences have the mens rea of ‘knowing or suspecting’. The ML offences set out in s. 125 of POCO apply to persons who knowingly engage in criminal conduct or suspect that the conduct they are engaged in is criminal. The offences set out under s. 126 POCO, which deals with acquisition, use and possession of criminal property states that a person is not guilty of an offence if the person acquired, used or possessed the property without knowing or suspecting that the property was criminal property. Also, the person should know or suspect that the property constitutes, or represents, the benefit from criminal conduct: s.122 POCO. With respect to these offences, inferences may be drawn from objective factual circumstances to establish intent and prove ML. Similarly, the ML offences in s. 12452 can be proved in like manner. 39. Criterion 3.9: Where a MLRO consents to the commission of ML the penalty on summary conviction is 12 months or a fine of USD 10,000 or both: s.123 POCO. The penalty on indictment is imprisonment for 5 years or a fine of USD 10,000 or both. These penalties are dissuasive. Additionally, a person guilty of ML under ss. 124-126 POCO is liable on summary conviction to imprisonment for 2 years and a fine of USD 200,000 or both. On the other hand, a person liable on indictment will receive a prison term of 14 years and a fine without limit or both. Penalties for summary and indictment for ML under ss.124 - 126 are dissuasive. Also, the possibility of an unlimited fine allows the court to set the fine and consider the best option applicable or the most dissuasive option for each case. 40. Criterion 3.10: Where the ML offences in POCO refer to ‘a person’, a legal person is included as s.3 Interpretation Ordinance defines person to include both natural and legal persons. As a result, there is no distinction in TCI between natural and legal persons in as far as where the application of criminal liability is concerned. Therefore, penalties under ss. 124-126 POCO would be applicable to legal persons. The fines on summary conviction for a legal person do not appear dissuasive as they may be insignificant for a large company however coupled with imprisonment it would be dissuasive. Additionally, Part III POCO provides for civil recovery by the State of property obtained through unlawful conduct or property connected, use for or intended to be used for unlawful conduct. Legal persons are also subject to civil and
52 S. 124 POCO creates the offences of concealing, disguising, converting, transferring and removing criminal property.
Mutual Evaluation Report of the Turks and Caicos Islands
162 │
administrative sanctions, including revocation or suspension of license, issuance if a directive, being wound up and the imposition of a financial penalty: s.33(2) FSCO. 41. Criterion 3.11: The definition of ML extends the offence of ML to appropriate ancillary offences. S. 126 POCO deals with entering into or otherwise being involved in arrangements which facilitate proceeds of crime being retained or controlled by or on behalf of a person who has committed criminal conduct. It also criminalises arrangements, which are used to ensure that funds are placed at the disposal of persons who committed the criminal conduct, or which are used to acquire property for the benefit of such persons. These provisions would therefore cover participation in, association with, the facilitating, aiding, abetting and conspiring to commit ML. Further, s.45 of the Interpretation Ordinance makes provision for attempt to commit offences and s.5 (5) Criminal Law Ordinance (CLO) makes it an offence for any person to aid, abet, counsel or procure the commission of any offence. Weighting and conclusions
42. The rating for Recommendation 3 is Compliant.
Recommendation 4 - Confiscation and provisional measures
43. TCI was rated LC for R.4 (formerly R.3) in its 3rd round MER. The highlighted deficiency at the time was that the forfeiture and confiscation of instrumentalities intended for use in or use in ML/TF offences were not clearly covered by POCO. The main requirements of this Recommendation remain the same, with some revisions. The revised R.4 now requires countries to have mechanisms for managing and when necessary, disposing of property frozen, seized and confiscated. 44. Criterion 4.1: TCI has provision for both conviction and non-conviction based confiscation regime: ss. 13 and 88 POCO. 45. (a) Where a defendant is convicted by the court for an offence or offences, the prosecutor or the court can consider confiscation proceedings where they consider it appropriate that the defendant has benefitted from his general or particular criminal conduct: s. 13 POCO. Although POCO does not explicitly speak to property laundered, confiscation proceedings are applicable to any realisable properties, including, but not limited to, those held in the defendant’s name and the recipient of a tainted gift: s. 6 (1) (a) (b) POCO. 46. (b) Confiscation applies to all proceeds from criminal conduct from which the defendant may have benefitted or obtain a pecuniary advantage, as a result of or in connection with his criminal conduct (s. 5 POCO). Property and cash that has been used in, or in connection with or is intended to be use in connection with unlawful conduct can be subjected to confiscation through the civil recovery regime: s.59(1)(a) and (b) POCO. Although instrumentalities are not explicitly contained in the Ordinance, the definition of property within the POCO is broad and can be interpreted to include instrumentalities. 47. (c) The court can make a forfeiture order where a person has been convicted for an offence under s.9 - 12 POTO (offences relating to FT) which includes property that is used in, or intended, or allocated for use in terrorist organisations which would then be capable of being confiscated: s.21 POTO. A police officer seize property found in the course of a search which he reasonably believes is intended to be used in connection with terrorism for as long as is necessary
Mutual Evaluation Report of the Turks and Caicos Islands
│ 163
in the circumstance (s.55); or when acting pursuant to a restraint order made under schedule 2 of the POTO: s.36(2) POTO. Additionally, the definition of terrorist property in s. 4(1)(a) includes money or other property which is likely to be used for the purposes of terrorism (including any resources of a proscribed organisation). A forfeiture order is applicable to any property that the person has in their possession or control at the time of the offence and any property which the person intended should be used, or had reasonable cause to suspect might be used, for the purpose of terrorism. 48. (d) Confiscation is applicable to property of corresponding value: s.7 and 8 POCO. 49. Criterion 4.2: (a) LEA can identify, trace and evaluate property that is subject to confiscation through the use of several investigative tool that are available under POCO. Some of these investigative tools include production orders (s.135), search and seizure warrants (s.138), customer information orders (s.141) and account monitoring orders (s.145). LEAs have the powers to trace recoverable property under part III POCO. 50. (b) Where the court is satisfied that certain provisions in s.41(1) POCO are met, on the application of the prosecutor, it may by order, prohibit any person(s) specified in the order from dealing with any realisable property held by him, subject to the conditions and exceptions specified in the order: s.42 POCO. The proceeding is an ex-parte. Competent authorities are also permitted to make the necessary application for a freezing order for property in civil recovery proceedings: s.72 POCO. 51. (c) A prosecutor is permitted to make an application without notice to a Judge in Chambers to prohibit any person from dealing with any realisable property held by a specific person: s.42 POCO. Thereafter, a police officer may seize any realisable property for the purpose of preventing the removal of said property from the Islands: s.42(6) POCO. Under s.48, the effect of the restraint order is that is prevents the property from being distrained against, the exercise of the right of forfeiture by a landlord in respect of property that is a tenancy and may cause pending proceedings in relation to the property to be stayed. A police officer is endowed with the authority to seize property found in the course of a search which he reasonably believes is intended to be used in connection with terrorism for as long as is necessary in the circumstance: s.36(2) and 55 POTO; or when acting pursuant to a restraint order made under schedule 2 POTO. 52. (d) Competent authorities are endowed with investigative powers for identifying and tracing the property under POCO: production orders (s.134), search and seizure warrants (s.138), customer information orders (s.141) and account monitoring orders (s.145). For the TF investigations, the POTO provides for account monitoring orders (s.28 and Schedule 5), warrant for entering and searching the premises and cordoned areas, obtaining production orders and orders of explanation of seized or produced material and procedures for urgent cases (s.26 and Schedule 3) and customer information orders (s.27 and Schedule 4). 53. Criterion 4.3: Measures for the protection of bona fide third-party rights are provided for in POCO. A notice is required to be given to any individuals who are affected by the restraint order (s. 43). The individuals affected can make an application to discharge or vary the restraint under s.43(2), whereby the court is required to allow the individual who holds an interest in any property that is affected by a restraint order to be heard. 54. Criterion 4.4: POCO makes provision for the appointment of management and enforcement receivers in accordance with ss. 46 and 47 respectively for the management and disposal of property frozen, seized or confiscated. S. 88 POCO provides for the appointment of
Mutual Evaluation Report of the Turks and Caicos Islands
164 │
a Trustee to manage and dispose of property subject to the restraint or Recovery Orders respectively. The National Forfeiture Fund is established to deal with forfeited cash. Weighting and conclusions
55. R.4 is rated Compliant. Recommendation 5 - Terrorist financing offence 56. In its 3rd Round MER, TCI was rated PC for this recommendation (formerly SR II). The deficiencies were as follows: (1) that the penalty for terrorism and terrorist financing offences at the summary level was not considered to be an effective punishment and hence sufficiently dissuasive, (2) directing terrorism as an offence was not defined in law, (3) the mens rea requirement for the offences in the Terrorism UN Order and the Al Qaida Order were not consistent with the description set out in the Anti-Terrorism Order. The enactment of the POTO addressed these deficiencies. 57. Criterion 5.1: Criminalising TF in accordance with Article 2 of the Terrorist Financing Convention is provided for under sections 9-12 of the POTO. Section 9 deals with raising funds for terrorism, section 10 deals with use or possession of money or property for terrorism, section 11 deals with arranging funds for terrorism and section 12 deals with arrangement for retention and control of terrorist property. S.3 POTO criminalises the act of terrorism and incorporates by reference the offences listed in the Terrorism Conventions listed in the Schedule to the POTO. 58. Criterion 5.2: It is an offence to use or possess property or engage in fundraising for the purposes of terrorism and to launder terrorist property: Part 3 POTO. The offence of raising funds for terrorism is contained in s.9 POTO in respect of a person who invites another to provide property, who receives property or provides property knowing or having reasonable cause to suspect that it will or may be used for the purpose of terrorism. The intent required in section 9 is that the person intends that the property should be used or has reasonable cause to suspect that it may be used for TF. The fact that ‘reasonable cause to suspect’ is one of the thresholds to prove intent covers the provision of property whether directly or indirectly, for use in full or in part. Moreover, s.4(2) (a) POTO states that a reference to proceeds of an act includes a reference to any property which wholly or partly, and directly or indirectly, represents the proceeds of the act (including payments or other rewards in connection with its commission) 59. Criterion 5.2bis: The act of financing the travel of a person for preparation, planning or participation in terrorists act or receiving terrorist training is covered by s. 9-12 POTO. The provisions (which deal with TF) are wide enough to include the offence of financing the travel of a person for the purpose of preparing for or planning activities contemplated by this criterion. The sections criminalise TF whether a terrorist act results or not; as what is required is that the person intends that the property may be used or the person suspects that the property will be used. Additionally, s.3(2) POTO states that actions which falls within the definition of terrorism includes any contribution, sponsorship or aid to any person with the intent to commit a terrorist act. Cover the financing of a person travelling to another country for the purpose of terrorism: s.3(2) POTO. Further, s.3(4) POTO extends to persons performing the act of terrorism outside of TCI. 60. Criterion 5.3: Once a person knows or has reasonable cause to suspect that it will or may be used for the purposes of terrorism or intends that it should be used, or has reasonable
Mutual Evaluation Report of the Turks and Caicos Islands
│ 165
cause to suspect that it may be used, for the purposes of terrorism then the person will be caught under the TF offences contained in s. 9 to 12 POTO regardless of the legitimacy of the sources of funds. While it does not specify whether the funds are from a legitimate or illegitimate source it does provide for property in its interpretive provisions which state ‘and every description of property’. The latter category would suggest property from legitimate sources would also be captured. Further, under the definition of terrorist property under s.4 it includes money or other property which is likely to be used for the purposes of terrorism (including any resources of a proscribed organisation). 61. Criterion 5.4: The TF offences established by s. 9-12 POTO states that an offence is committed where a person knows or intends that property should be used or has reasonable cause to suspect that property may be used, for the purposes of terrorism. Under these provisions it is not necessary that the property was actually used to carry out or attempt a terrorist act and do not require that the property be linked to such acts. 62. Criterion 5.5: There is no explicit provision in the POTO which requires the intentional element of the offence of terrorist financing to be inferred from objective factual circumstances. However, it is expected that the Courts will make such inference as they do for ML offences. The jurisdiction also has the ‘mens rea’ elements of ‘knows’ intends’ and suspects’ that the property will or may be used for the purposes of terrorism. 63. Criterion 5.6: Conviction for TF offences in s. 9-12 POTO occurs on indictment and carries a penalty of a fine (no maximum amount) or a term of imprisonment of 14 years or both. The penalties are proportionate and dissuasive. 64. Criterion 5.7: Criminal liability also extends to legal persons. The Interpretation Ordinance defines ‘person’ to include any corporation, either aggregate or sole, and any club, society, association, or other body, of one or more persons. S. 62 POTO goes further in extending liability to a partner of the partnership, or director, manager, secretary or other similar officer where an offence under this Ordinance committed by a limited liability partnership or body corporate is proved. Whilst not stated in the legislation, parallel civil proceedings are not explicitly precluded. Terrorist property is liable to forfeiture by the Court: s. 21 POTO. The sanctions available are proportionate and dissuasive (see c.5.6 above). 65. Criterion 5.8: S.12A(a) POTO covers all the offences listed in paragraphs (a) – (d) in this criterion and a person found guilty of the offences is liable on conviction punishable as if the offence itself has been committed. 66. Criterion 5.9: TF is a predicate offence to ML: s. 124-126 POCO (see c.3.3). 67. Criterion 5.10: S. 3 (4) POTO, which sets out the definition of terrorism provides that terrorism can be committed in or outside of the TCI. Additionally, pursuant to s. 53 POTO, if a person commits an offence outside of the TCI and the person’s actions would have constituted an offence under s. 9-12 if it had been done in the TCI then that person would be guilty of any of the offences. Therefore, under POTO the offence of TF is committed irrespective of whether the person alleged to have committed the offence is in the same country or a different country from the one in which the terrorist or terrorist organisation is located, or the terrorist act occurred or will occur. Weighting and conclusions 68. R.5 is rated Compliant.
Mutual Evaluation Report of the Turks and Caicos Islands
166 │
Recommendation 6 - Targeted financial sanctions related to terrorism and terrorist financing 69. In the 3rd Round MER, TCI was rated LC on SR.III. The deficiencies reflected the absence of a formal or administrative provisions to ensure that freezing of funds and assets will be carried out without delay; there were no procedures which apply directly to persons inadvertently affected by freezing orders; procedures for authorising access to frozen funds for incidental costs or expenses; and no clear procedures for the communication of lists of suspected terrorists to the financial sector. By the time of the Mutual Evaluation, the Authorities were of the view that POCO widely covered the freezing of funds for any criminal conduct. To enhance the legal provisions adopted and amended its existing legislation. 70. Criterion 6.1: As a British Overseas Territory (BOT), the TCI implements sub-criteria (a) to (e) through the UK. Designations for UNSCR 1267/1988 and 1989 are proposed by the UK’s Foreign and Commonwealth Office (FCO) to the UN. Sanctions implemented by the UK are then implemented by TCI through Sanctions Orders issued by the UK to its overseas territories. These Orders give effect to measures adopted by the Security Council pursuant to 1267/1988 and 1989. 71. Criterion 6.2: (a) The Governor has the responsibility to designate a person or an entity: ss. 2 and 6 Terrorist Asset-Freezing, etc. Act 2010 (Overseas Territories) Order 2011 (TAFA). 72. (b) The factors that enable the Governor to make this designation pursuant to UNSCR 1373 are set out in ss. 2 and 6 TAFA. S. 2 (a) and (b) deals with final designations and s.6 (1) deals with interim designations. 73. (c) Request from another country would be treated in like manner as (b) above and the standard of proof as set out in s. 2 (a) TAFA is reasonable belief and is not conditional upon the existence of a criminal proceeding. A prompt determination is made so long as the requesting country provides all the necessary information that satisfies the criteria set out in ss. 2 and 6 TAFA. 74. (d) As stated in paragraph (c), the evidentiary standard for making a designation is reasonable belief and such designations are not conditional on the existence of a criminal proceeding. A person or entity can be designated as long as the criteria set out in ss. 2 and 6 TAFA are satisfied. 75. (e) Requests of this nature would have to go through the UK FCO. However, the Governor is able to co-operate with countries including through disclosure of information and documents: s.24 TAFA. 76. Criterion 6.3: (a) RTCIPF and Customs Department have the legal authority and mechanisms to conduct terrorist investigation as defined in s.2 POTO. This includes the power to collect or solicit information to identify persons and entities that, based on reasonable grounds, or a reasonable basis, meet the criteria for designation. A person must disclose information that the person knows or believes might be of material assistance in preventing terrorism or in securing the apprehension, prosecution or conviction of another person for an offence involving the commission, preparation or instigation of terrorism (s.29 POTO). Additionally, the powers of officers’ investigation include searching premises and cordoned areas, obtaining production orders and orders of explanation of seized or produced material and procedures for urgent cases (Schedule 3 POTO). Schedule 4 POTO makes provision for obtaining financial information by
Mutual Evaluation Report of the Turks and Caicos Islands
│ 167
the use of customer information orders. Further, s. 7(3) Customs Ordinance allows for disclosures by any person or any document, information or confidential instruction where that disclosure is authorised by or under any enactment or by the Collector. (b) The Governor can operate ex parte as notifications of designations are only given to the person identified after the designation has been made (s. 3 and 7 TAFA). 77. Criterion 6.4: No person must make funds or economic resources available to a designated person or deal with the funds or economic resources of a designated person (s. 11-15 TAFA). The sections do not say ‘without delay’ or provide a timeframe in which freezing is to occur. However, once a person realises that they are dealing with such funds or economic resources they must freeze the funds. With respect to designations under 1267, the Sanctions Orders that have been extended to the TCI by the UK contain paragraphs that prohibit a person from dealing or making available funds or economic resources available to the designated person and failure to comply is an offence. Further, pursuant to Article 5 Policing and Crime Act (Financial Sanctions) Overseas Territories Order 2017 (PCA), which extended the UK United Nations and European Union Financial Sanctions (Linking) Regulations 2017 to TCI, a UNSCR designating a person or entity as being the subject of financial sanctions automatically takes effect in the UK and by extension the TCI for 30 days or until the EU adds the new listing to an existing sanctions regulation: s. 154 and 155 PCA. 78. Criterion 6.5: (a) The process for having all natural and legal persons freeze without delay and without prior notice, funds or other assets of designated persons and entities is contained in s. 3, 7 and 11-15 TAFA. Ss. 3 and 7 stipulate that the Governor after making either a final or interim designation must notify the person designated and takes steps to publicise the designation. This is not in line with the requirement to freeze without delay and without prior notice to the designated person or entity as there is no indication when the financial sector or other persons dealing with the funds or assets must be notified. However, the Financial Sanctions Guidance of the TCI states that within hours of making a designation, a legal notice must be published on the website of the FSC and AGC. Further, it must be published in the Gazette. Additionally, where a person is dealing with the funds or economic resources of a designated person, they are required to freeze such funds and economic resources thus making them unavailable to the person: s. 11-15 TAFA. Further, the effect of the PCA is financial sanctions takes effect automatically in the UK and similarly in the TCI. 79. (b) The freezing obligations are extended to funds or economic resources owned, held or controlled by a designated person: s. 11 TAFA. Funds, financial services and economic resources must not be made available directly or indirectly to a designated person or to any person for the benefit of a designated person: s. 12-15 TAFA. ‘Fund’ is defined as financial assets of every kind and ‘economic resources’ are defined as assets of every kind whether tangible or intangible, movable or immovable, which are not funds but can be used to obtain funds, goods and services: s.39 TAFA. Also, s. 40 TAFA is very broad and includes any services of a financial nature. Similar provisions are found in Article 5 of the ISIL (Da’esh) and Al-Qaida (Sanctions) (Overseas Territories) Order 2016. 80. (c) All persons and entities in TCI are prohibited from making funds or other economic resources available directly or indirectly to designated persons or entities (s. 12-15) unless licensed under s. 17 TAFA or Article 11 of the ISIL (Da’esh) and Al-Qaida (Sanctions) (Overseas Territories) Order 2016. 81. (d) The FSC has on its sanctions page links to the UN, EU and UK designation and
Mutual Evaluation Report of the Turks and Caicos Islands
168 │
sanctions lists. In accordance with the Financial Sanctions Guidance following designation a legal notice must be published on the website of the FSC and AGC. Further, it must be published in the Gazette within hours. Notice is also sent to FIs and DNFBPs advising of the publications. 82. (e) FIs and DNFBPs must inform the Governor without delay if it credits a frozen account (s.16 TAFA). Further, they must report to the Governor the nature and amount or quantity of any funds or economic resources held by it for a customer: s. 19(4) TAFA. Additionally, Regulation 32(1) (aa) AML/PTF Code states that the financial business shall require the MLRO to make external SARs to the FIA including the amount of attempted transactions concerning ML and TF. 83. (f) With respect to UNSCR 1267, Article 5(6) of the ISIL (Da’esh) and Al-Qaida (Sanctions) (Overseas Territories) Order 2016 and Article 29 of the Afghanistan (United Nations Measures) (overseas Territories) Order 2012 protects the rights of bona fide third parties by providing that no liability arises for any person concerned in the freezing of funds or economic resources in accordance with the Order unless it is proved that the funds or economic resources were frozen or withheld as a result of negligence. The other Sanctions Orders referred to above contain similar provisions. Further, the EU Sanctions regimes which extends to TCI as a BOT protect bona fide third parties. Relevant provisions offering such protection can be found in Article 6 of the European Regulation EC 881/2002 and Article 7 of European Regulation EC 753/2011. However, for UNSCR1373 designations, there are no specific provisions to protect the rights of bona fide third parties. 84. Criterion 6.6: (a) As it relates to the 1267/1989 sanctions regime the TCI is a BOT and the UK is the authority to propose persons or entities to the 1267/1989 Committee for delisting. The procedure for delisting is set out in the UK’s Sanctions Guidelines. 85. (b) For UNSCR 1373 designations, the Governor is empowered to vary or revoke designations: s. 5(1) and 9(1) TAFA. Once a revocation is made then s. 11-14 would no longer apply and any funds or economic resources frozen would be unfrozen. Also, s.4 TAFA designations expire after 12 months unless renewed. 86. (c) Persons or entities designated pursuant to UNSCR 1373 can appeal the Governor’s decision to the Supreme Court: s. 26 and 27 TAFA. 87. (d) - (e) TCI has no authority to propose designations directly to the UN. The UK would be the authority to propose persons or entities to the 1988 Committee for designation, have procedures for informing designated persons and entities of the availability of the United Nations Office of the Ombudsman and have publicly known procedures to unfreeze the funds or other assets of persons or entities in accordance with its laws and guidelines and following the procedures in the relevant UNSCRs. This information is found in the UK’s Financial Sanctions Guidance. Specifically, Chapter 6 deals with exemptions and licensing and Chapter 8 deals with challenging designations. 88. (f) For designations made by the UK, s. 8.4 of the UK Sanctions Guidelines sets out the procedure to deal with persons inadvertently affected by a freezing mechanism. As it relates to designation by TCI, page 16 (para 3.2.1) of the Financial Sanctions Guidelines of the TCI deals with situations where the FI or DNFBP finds a name which matches an entry on the UK lists or the Governor’s list and explains the difference between a name match and a target match. However, the Guidance does not set out the steps or procedure that a person or entity can take where their assets have been advertently frozen.
Mutual Evaluation Report of the Turks and Caicos Islands
│ 169
89. (g) The Governor must take reasonable steps to bring the variation or revocation to the attention of the persons informed of the designation: s. 5(2) and 9(2) TAFA. Further, the Governor is not required to provide guidance to FIs and other persons or entities including DNFBPs that may be holding targeted funds or other assets on their obligation to respect a delisting or unfreezing action. 90. Criterion 6.7: S. 16 (3) and 17 TAFA provide for access to frozen funds as under these sections the prohibitions against dealing or making funds or economic resources available to a designated person would not be contravened as long as the Governor issues a licence authorising access (s.17). The Section, while not specifically listing the expenses (basic or extraordinary) is general enough to cover both types of expenses as the Governor is given the latitude to make the license general or subject to conditions. Additionally, the Orders in Council made 2012-2017 contain paragraphs that authorises the Governor with the permission of the Secretary of State to grant a licence authorising the payment of basic expenses, reasonable professional fees, fees or service charges, extraordinary expenses and payment of a judicial, administrative or arbitral lien or judgment incurred before designation. Weighting and conclusions 91. There are legal mechanisms requiring that freezing takes place without delay and without prior notice. TCI has sufficient mechanisms to collect and solicit information in order to identify persons and entities that meet the criteria for designation. Designations are not conditional on the existence of a criminal proceeding. The obligation to freeze is not limited to funds or other assets that are tied to a particular terrorist act, plot or threat and that all funds or other assets/economic resources are frozen once owned or controlled by the designated person. There are direct measures to communicate designations, unfreezing and de-listings to the FIs and DNFBPs and other persons. While guidance has been issued to FIs and DNFBPs it does not state that FIs and DNFBPs are to respect the delisting and revocations. FIs and DNFBPs are required to report to competent authorities any assets frozen in compliance with the prohibition requirements of the UNSCRs 1267 and 1373. The MLRO is required to report attempted transactions to the FIA. Bonafide third parties are protected from targeted financial sanctions under the 1267/1989 and 1988 designations. However, no such protection is afforded under the TAFA for domestic designations. There are no public procedures to deal persons inadvertently affected by a 1373 designation. R.6 is rated Largely Compliant.
Recommendation 7 – Targeted financial sanctions related to proliferation
92. This recommendation is new therefore there is no previous rating or country information to include. 93. Criterion 7.1: S. 11-15 TAFA deal with freezing of funds and economic resources of a designated person or entity by FIs without delay. These provisions stipulate that no person must deal with or make the funds or financial services or economic resources available to designated persons or for their benefit. Therefore, once a person or entity has knowledge of or reasonable cause to believe that they will be dealing with or making funds or other resources available they must cease that activity and freeze without dely. Additionally, pursuant to the PCA a UN Resolution subjecting a person or entity to financial sanctions takes automatic effect in TCI. Additionally, various Orders in Council made between the years 2012 and 2017 made pursuant to the relevant UNSCRs against Iran and DPRK by the UK have been extended to the TCI for
Mutual Evaluation Report of the Turks and Caicos Islands
170 │
their implementation. The Orders related to DPRK implemented UNSCRs 1718(2006), 1874(2009), 2094 (2013), 2270(2016), 2321(2016), and European Union in Council Decisions. The Orders contain paragraphs that make it an offence to knowingly deal with the funds or economic resources belonging to, owned, held or controlled by a designated person. These Orders come into force upon commencement. 94. Criterion 7.2: (a) As mentioned in c.7.1, the process for having all natural and legal persons freeze without delay funds or other assets of designated persons and entities is contained in s. 11-15 TAFA, Article 4 Iran (Sanctions) (Overseas) (Territories) Order 2016 and the Democratic People’s Republic of Korea (Sanctions) (Overseas Territories) Order 2012, and Article 5 PCA. These provisions stipulate that a person must not make funds or economic resources available to a designated person (or for the benefit of a designated person) if the person knows, or has reasonable cause to suspect, that the person is a designated person. Further, the Orders mentioned in c.7.1 contain similar provisions. The Sections do not include ‘without delay’ or provide a timeframe in which freezing is to occur. However, once a person realises that they are dealing with such funds or economic resources they must freeze the funds. 95. (b) As stated in criterion 6.5(b) the freezing obligation extends to the full range of funds or other assets as required. Additionally, similar provisions are found in Article 3 of the Orders mentioned above in paragraph (a). 96. (c) An FI must inform the Governor without delay if it credits a frozen account: s. 16 TAFA. Access to frozen funds and assets may be done by the issue of a licence issued by the Governor under s.17. Similarly, the Orders extended to the TCI by the UK contain provisions for access to funds once a licence has been given by the Governor. 97. (d) See 6.5(d). 98. (e) While FIs and DNFBPs are required to report to the Governor any assets frozen or actions taken in compliance with this recommendation pursuant to s.19(4) TAFA, no such requirement exists for attempted transactions. 99. (f) The rights of bona fide third parties are protected by providing that no liability arises for any person concerned in the freezing of funds or economic resources in accordance with the Orders unless it is proved that the funds or economic resources were frozen or withheld as a result of negligence: Article 4(6) of the Iran (Sanctions) (Overseas Territories) Order 2016 and the Democratic People’s Republic of Korea (Sanctions) (Overseas Territories) Order 2012. Similarly, the orders mentioned in criterion 6.5(f) contain similar provisions that protect bona fide third parties. 100. Criterion 7.3: The FSC monitors and ensures compliance with this recommendation and failure to implement TFS as required by the TAFA and the Iran and DPRK (Sanctions) Orders is an offence and punishable on indictment to imprisonment up to 7 years and a fine or both: s.32(1) TAFA, 27(1) Iran (Sanctions) Order and 17(1) DPRK (Sanctions) Order). Additionally, legal persons are subject to civil and administrative liability and sanctions pursuant to s.33 Financial Services Commission Ordinance (FSCO) such as revocation of licence or a financial penalty. Further, Schedule 1 of the Financial Services (Financial Penalties) Regulations sets out various penalties for different breaches and includes a penalty of USD 2,000 to USD 10,000 for compliance breaches and USD 100 to USD 50,000 for any other contravention. 101. Criterion 7.4: (a) The UK is the authority to submit de-listing request to the Security
Mutual Evaluation Report of the Turks and Caicos Islands
│ 171
Council and inform designated persons and entities of the availability of the UN focal point for delisting where a designated person or entity no longer meets the criteria for designation. These delisting procedures are set out in the UK Financial Sanctions Guidance (N/A). 102. (b) TCI depends on the UK which has procedures for how false claims are dealt with. S.8.4 UK Financial Sanctions Guidelines provides guidance on mistaken identity. 103. (c) TCI has indicated that where a sanctions measure includes a specific exemption, (as mentioned in Paragraph 9, UNSCR 1737), these would be permitted – with the issue of a licence as provided for in Article 7(3) Iran (Sanctions) (Overseas Territories) Order 2016 and Article 11(3) Democratic People’s Republic of Korea (Sanctions) (Overseas Territories) Order 2012, as amended, giving access to funds or other assets. (d) See 6.6(g). 104. Criterion 7.5: (a) A frozen account can be credited with interest or other earnings due on the account, or payments due under contracts, agreements or obligations that were concluded or arose before the account became a frozen account: s.16 TAFA. 105. (b) S. 17 TAFA provides that access to frozen funds and assets may be given via licences granted by the Governor to a person including a designated person. The Section does not set out the requirements in paragraphs (i), (ii) and (iii). However, Article 7(f) Iran (Sanctions) (Overseas Territories) Order 2016 provides for payment by a designated person due under contract or an agreement concluded, or an obligation that arose before the designated person was so designated if the contract or agreement is not related to any activity which would be an offence under the Order and the payment is not for the benefit of a designated person. The Governor may only give licenses with the consent of the UK Secretary of State. The required notification to the 1737 UN Sanctions Committee would be done by the UK during the time that the Secretary of State is considering giving consent for the license. Weighting and conclusions 106. Natural and legal persons are required to freeze without delay and without notice to the designated person. The obligation to freeze is not limited to funds or other assets that are tied to a particular terrorist act, plot or threat of proliferation and that all funds or other assets/economic resources are frozen once owned or controlled by the designated person. The Governor is empowered to grant a licence for access to funds and other assets to nationals in accordance with the relevant UNSCRs. There are mechanisms to communicate designations to FIs and DNFBPs and providing clear guidance to FIs, DNFBPs and other persons and entities. FIs and DNFBPs are required to report to competent authorities any assets frozen or actions taken in compliance with the prohibition requirements of the relevant UNSCRs. There are no obligations to report attempted transactions. Innocent third parties are protected from the targeted financial sanctions related to proliferation and false positives are handled by the UK. Compliance with the law is monitored by the FSC and there are sanctions for non- compliance. Access to frozen funds where the exemption conditions are met is provided for. R.7 is rated Largely Compliant. Recommendation 8 – Non-profit organisations 107. This Recommendation, which was formerly SR. VIII, was rated NC in the 3rd Round MER mainly because TCI had not addressed the NPOs that could be used for FT in their legislative framework. At the conclusion of TCI’s follow-up process, it was reported that TCI had made progress with the registration of NPOs and training of NPOs had been undertaken by the FIA and the FSC. The outstanding deficiency was related to the absence of enforcement
Mutual Evaluation Report of the Turks and Caicos Islands
172 │
action by the NPO supervisor, since Part V of the Non-Profit Organisations Regulations, 2014 had not been brought into force. 108. For R.8 there is now clarity as to the sub-set of NPOs now subjected to the related requirements in order to ensure that R.8 is in line with the targeted risk-based approach. 109. Criterion 8.1: (a) The FSC has conducted an assessment of the NPO Sector to identify those which by virtue of their activities or characteristics, are likely to be at risk for TF abuse. However, the information gathering process was based on information collected during the registration process (approximately 2 years old) and not based on any onsite information. The majority of the review described in detail the methodology undertaken and lacked analysis. The assessors were unable to ascertain the underlying facts that gave rise to the conclusions on risk and were unable to determine the reasonableness of the assessment. The review appeared very preliminary and lacked overall comprehensiveness and reasonableness. 110. (b) The authorities noted in the NRA that generally, NPOs abuse were likely to come through the diversion of funds which the NPOs collected or raised and from NPOs that are engaged in service activities and which also operated in close proximity to an active terrorist threat are those that are particularly susceptible. The threats articulated here appear to be highly generalised and those specific to the TCI were not identified. The authorities have also cited Regulation 4(1)(d) Non-Profit Organisation Regulations (NPOR) which provides for the functions of the NPO Supervisor, to inter alia, conduct periodic reviews of the non-profit sector in the Islands for the purpose of identifying the features and types of NPOs that are at risk of being used for ML/TF. The nature of threats posed by terrorist entities to NPOs which are at risk as well as how terrorist actors abuse those NPOs are not addressed. 111. (c) The FSC conducted an assessment of the NPO Sector to identify those which pose a higher risk of terrorist abuse. The results of this assessment have been used to make recommendations for legislative changes. Four (4) of the registered NPOs have been assessed as high risk. The assessment has identified measures to address each risk category identified. 112. (d) Regulation 4(d) NPOR ascribes a duty to the NPO Supervisor to undertake periodic reviews of the non-profit sector in the Islands for the purpose of identifying the features and types of NPOs that are at risk of being used for TF/ML. Additionally, sub-regulation (3) also provides that where the NPO Supervisor forms the view that the NPO legislation is not effective in protecting NPOs from being used for TF/ML, the NPO Supervisor shall make a report to the Governor in Cabinet, recommending appropriate changes to the NPO legislation. Regulation 4 (3) provides that reassessment of the sector has resulted in amendments to the NPOR in 2018 to strengthen oversight of the sector. Some of the amendments made to NPOR in 2018 were in relation to documents required to be submitted with application to register (Regulation 7(2A); further grounds for refusal to register (s. 9(1A); requirement for NPOs to appoint controllers (Regulation 10A); requirement for change of information to be provided to NPO Supervisor (Regulation 11); maintaining and filing of accounts (Regulation. 14). 113. Criterion 8.2: (a) The policies to promote accountability, integrity and public confidence in the NPOs sector are enshrined in the POCO and Non-Profit Organisations Regulations (NPOR). S. 174 POCO provides for the appointment of a supervisory authority for NPOs whose functions include: registration supervision and enforcement; the gathering of information and the disclosure of information to the AMLC and LEAs in the TCI. Regulation 4 (2) NPOR provides detailed functions and duties of the NPO Supervisor. These detailed functions
Mutual Evaluation Report of the Turks and Caicos Islands
│ 173
include monitoring: all NPOs for compliance with the POCO and NPOR; the effectiveness of the NPO legislation in protecting NPOs from being used for TF and ML; and ensuring the compliance of the TCI with the FATF Recommendations, as they apply to NPOs. For accountability and public confidence purposes, the NPOs Supervisor is required to maintain a register of TCI’s NPOs and that register particularises specific information in respect of each NPO including: (1) the NPO’s full name, address in the TCI, telephone number and e-mail address (if any); (2) a summary of the NPO’s purpose, objectives and activities; (3) the names of the persons who own, control or direct the NPO; (4) the date of the NPO’s registration and, if applicable, de-registration. Additional information including the address where the NPO keeps its records are also maintained in the NPOs register. The public has access to information and any person may require the NPO Supervisor to provide details of the information entered on the NPO Register upon the payment of a fee of USD 50. Regarding integrity, NPOs have a record keeping obligation which include the keeping of financial records which must be detailed enough to show and explain its transactions, within and outside the Islands, and that are sufficiently detailed to show that its funds have been used in a manner consistent with its purposes, objectives and activities and show the source of its gross annual income: Part IV NPOR. 114. (b) The NPO supervisor is required to undertake outreach to NPOs with the objective of protecting the sector from being misused for TF or ML. The outreach activities required to be undertaken by the NPO supervisor includes (a) raising awareness concerning the risks of their being used for TF or ML and the measures available to protect against such abuse: Regulation 4(e) NPOR. 115. (c) The TCI has not provided information relating to the Authorities working with NPOs to develop and refine best practices to address TF risk and vulnerabilities and thus protect them from TF abuse. 116. (d) The Authorities have reported that most NPOs have bank accounts and so are able to conduct transactions via regulated financial channels. NPO Guidance requires financial transactions to be conducted via regulated financial channels. A consideration at registration is for the NPO to have a bank account. An NPO would be declined registration if there is no bank account. 117. Criterion 8.3: Risk-based supervision is applied on the basis of segregating required information in the form of financial statements dependent on the level of gross annual income of the NPO. Notwithstanding, a registered NPO is required to submit financial statements, and those with annual gross income of greater than USD 500,000 must be certified by an accountant: Regulation 14 NPOR. The financial statements must include a list of donors in excess of USD 10,000 and also of any association operating under the control of the NPO. NPOs are required to maintain records for at least 5 years: Regulation 12 NPOR. These include records of the NPO’s purpose, objectives and activities; the identity of the persons who control or direct its activities, including, as appropriate, senior officers, directors and trustees; the identity, credentials and good standing of its beneficiaries and associate NPOs; and financial records. NPOs are registered as a company and an NPO register is maintained by the NPO Supervisor. The NPO Supervisor may take disciplinary action by imposing an administrative penalty against an NPO if it is satisfied that the NPO has committed a disciplinary violation. After the imposition of the penalty has become final, the NPO Supervisor is required to advertise the imposition of the penalty by publication in the country’s Gazette. 118. Criterion 8.4: (a) The NPO supervisor, the FSC, monitors compliance with
Mutual Evaluation Report of the Turks and Caicos Islands
174 │
requirements of the NPOR and with the FATF Recommendations which as highlighted above, contains the application of risk-based measures. 119. (b) Sanctions exist and vary from fines to de-registration. Regulation 6 of the NPOR and as amended by Regulation 4 of the NPO (Amendment) Regulations provides for fines which include USD 30,000 for unlawful operation without required registration, USD 20,000 for failure to keep records and USD 50,000 for failure to disclose information. A fine of USD 5,000 or imprisonment for 6 months is also applicable to a person convicted for an offence in relation to knowingly making a false disclosure to the NPO Supervisor. Administrative disciplinary action is provided for under Section V NPO Regulations, which came into force on 1st July 2018. Further, while de-registration may be dissuasive (Regulation 10 NPOR), the fine of USD 50,000 for unlawful operation without registration may not be dissuasive for NPOs with annual income in excess of USD 10,000 and assets exceeding USD 20,000 (NPOs required to be registered). 120. Criterion 8.5: (a) The NPO supervisor is required to take steps to cooperate with foreign regulatory authorities, competent authorities acting pursuant to an enactment and other persons in or outside of the islands who have functions in relation to the prevention and detection of financial crime: s.28 FSCO. The legislation further stipulates the cooperation may include sharing of documents and information. 121. (b) The FIA (another agency which may hold relevant information on NPOs) is permitted to cooperate domestically and internationally with bodies in the islands and foreign financial intelligence authorities: s.31 of the Financial Intelligence Agency Ordinance (FIAO). There are also provisions for the examination of NPOs through investigative expertise and capabilities: s. 25 NPOR, s.28 FIAO and s.105 POCO. 122. (c) Accessibility of information on the management and administration of NPOs and the sharing of information for preventive and/or investigative action where there is suspicion of exploitation by or support of terrorist activity or organisations is also facilitated by s.5(2) NPOR and s.28 FSCO in addition to ss.13 and 14 POTO. 123. (d) S.127 POCO requires a person who knows or suspects or has reasonable grounds for knowing or suspecting that another person is engaged in ML/TF or criminal activity to promptly disclose the information or other matter to the MLRO or the FIA. While this is broad enough to oblige an NPO to file a STR, it does not cover the substantive elements of the criteria. Accordingly, there are no appropriate mechanisms that when there is suspicion or reasonable grounds to suspect that a particular NPO is involved in TF abuse and/or is a front for fundraising by a terrorist organisation, is being exploited as a conduit for TF or is concealing or obscuring the diversion of funds intended for legitimate purposes, but redirected for the benefit of terrorists or terrorist organisations, that this information is made known to the NPO Supervisor, in order to take preventative or investigative action. Regulation 15 NPOR nevertheless allows the NPO supervisor to request an audit or investigation by an independent auditor and receive this report. 124. Criterion 8.6: The provisions of s.28 (1)(a),(c) NPOR permits the NPO supervisor to respond to international requests other than MLA (that is requests from foreign regulatory authorities and persons outside of the Islands) who have functions in relation to the prevention and detection of financial crime (which includes terrorist financing and other forms of involvement in terrorist support).
Mutual Evaluation Report of the Turks and Caicos Islands
│ 175
Weighting and conclusions 125. The AML/CFT regime in relation to NPOs is not risk-based, and there was a rudimentary risk assessment which did not adequately address the identification of those organisations which fall within the FATF definition of NPOs, identification of threats and vulnerabilities to the sector. NPO supervisor is required to conduct outreach with NPOs to ensure that they are abused for TF purposes. Further, there are provisions that allow NPO supervisor and investigative agencies to cooperate and respond to international request for information regarding NPOs. The regime however does not outline the periodic reassessment of risks posed to the sector, nor measures to encourage NPOs to conduct transactions via regulated financial channels despite this being encouraged. In addition, the sanction regime particularly in relation to unlawful operation of NPOs that should be registered is not sufficiently dissuasive. R.8 is rated Partially Compliant. Recommendation 9 – Financial institution Secrecy Laws 126. This Recommendation, formerly R.4 was rated C in the 3rd Round MER as there were no restrictions on the sharing of information between FIs. In addition, the FSC could, by notice, require a person to provide specified information or specified documents and had the power to cooperate and share information with foreign regulatory authorities or other persons, in or outside of the TCI whose functions involved the prevention or detection of financial crime. 127. Criterion 9.1: As included under paragraphs 571 - 576 of the 3rd Round MER, the FSC has the power under the FSCO to access and share information with foreign regulatory authorities, tax authorities and other persons domestic and foreign who have functions in relation to the prevention and detection of financial crime (s. 28). s. 51 FSCO also provides gateways to allow for the FSC to disclose information to any court of competent jurisdiction in TCI, any domestic law enforcement agency, the Money Laundering Reporting Authority (MLRA) and as required by the FSCO or any other Ordinance which includes the FIAO. The above provisions are only applicable to the FSC. Several MOUs have been signed between the FIA and other relevant domestic Departments, for example the IC and the FSC. The Confidential Relationships Ordinance allows disclosure of confidential information relating to any business of a professional nature an offence. s.3(2) exempts any professional person acting in the normal course of business or professional practice or any person acting in accordance with the provisions of any other Ordinance. These measures allow FIs to share information as required under R.13, 16 or 17. The analysis for c.40.1 details the mechanisms under which domestic competent authorities share with their international counterparts. Weighting and conclusions 128. The rating for R.9 is Compliant. Recommendation 10 – Customer due diligence 129. This Recommendation, formerly R. 5 was rated NC in the 3rd Round MER due to the absence of a number of CDD requirements. The deficiencies were addressed by amendments to the AMLR and the AML/PTF Code. 130. Criterion 10.1: A financial business is prohibited from setting up or maintaining a numbered account, an anonymous account or an account in a name which it knows or has reasonable grounds to suspect is suspicious: Regulation 16(2) AMLR. Financial business as
Mutual Evaluation Report of the Turks and Caicos Islands
176 │
defined in Schedule 2 AMLR includes the FATF definition of an FI. 131. Criterion 10.2: (a) FIs are required to apply CDD measures before establishing a business relationship: Regulation 11 AML/PTF Code. (b) CDD measures when carrying out occasional transactions that are above the applicable designated threshold (USD/EUR 15,000) are required, including situations where the transaction is carried out in a single operation or in several operations that appear to be linked: Regulations 4 and 5 AMLR. (c) CDD measures when carrying out occasional transactions that are wire transfers in the circumstances covered by R.16 are required: Regulations 4 and 5 AMLR. (d) Regulation 11 (1)(b)(i) AMLR makes provision for CDD measures when there is suspicion of ML/TF. (e) Regulation 11(1)(b)(ii) AMLR requires FIs to apply CDD measures where there are doubts about the veracity or adequacy of documents, data or information previously obtained. 132. Criterion 10.3: FIs are required to apply CDD measures, which as defined in Regulation 5(3), include identifying a customer and verifying the identity of persons before establishing a business relationship or carrying out an occasional transaction, based on documents, data or information obtained from a reliable and independent source: Regulation 11 AMLR. The Interpretation Ordinance defines “person” to includes any corporation, either aggregate or sole, and any club, society, association, or other body, of one or more persons. The term or other body is broad enough to not preclude legal arrangements. 133. Criterion 10.4: Regulation 5 (1) inter alia, requires the identification and verification of a third party. FIs are required to apply CDD measures, which as defined in Regulation 5(2), include where the customer is not an individual, measures for verifying that any person purporting to act on behalf of the customer is authorised to do so, identifying that person and verifying the identity of that person. This measure is however not applicable to an individual and to ensuring that the person is so authorised to act. 134. Criterion 10.5: Regulation 3 AMLR defines a beneficial owner in the context of a legal person, partnership or an arrangement and largely accords with the definition in the Standards except that it does not include a natural person on whose behalf a transaction is being conducted. Regulation 5(1)(d) and (e) of the AMLR require the establishment of the identity of each beneficial owner of the customer and third party, where either the customer or third party, or both, are not individuals and determining who are the natural persons that ultimately own or control the customer that is not an individual. Further Regulation 5(1)(f) AMLR, inter alia, requires taking reasonable measures which is restricted to on a risk sensitive basis to verify the identity of each beneficial owner of the customer or third party so that the FI is satisfied that it knows who each beneficial owner is in the case of a legal person, partnership, trust or other similar arrangement. Verification of the identity of persons is based on documents, data or information obtained from a reliable and independent source: Regulation 5(3) AMLR. 135. Criterion 10.6: While Regulation 5(1)(g) AMLR required FIs to implement CDD measures which include obtaining information on the purpose and intended nature of the business relationship or occasional transaction it does not include understanding of such information. Nevertheless, paragraph (iv)(f), the Guidance Notes to the AML Code states that a financial business is required to understand the circumstances and business of a customer. 136. Criterion 10.7: Mandated FIs’ CDD measures include ongoing monitoring defined in accordance with the criterion requirements: Regulation 5(5) AMLR. In addition, Regulation 17 AMLR and Paragraph 28 AML/PTF Code require FIs to establish ongoing monitoring policies,
Mutual Evaluation Report of the Turks and Caicos Islands
│ 177
systems and controls to provide for a more thorough scrutiny of higher risk customers including PEPs. 137. Criterion 10.8: Required CDD measures specified that reasonable measures be taken to understand the ownership and control structure of a legal person, partnership, trust or similar arrangement: Regulation 5(1)(f) AMLR. Paragraph (xv) of the Guidance Notes to the AML/PTF Code on page 15 requires FIs to obtain any relationship information necessary to understand the nature of a customer's business. Additionally, FIs are required to obtain information on the nature of the activities of a legal entity or trust: Paragraph 12(3)(b) AML/PTF Code. 138. Criterion 10.9: (a) Paragraph 16 and 17 AML/PTF Code stipulate requirements for identifying and verifying the identity of legal persons. Requirements for proof of existence of legal persons are included in Regulations 16(2)(c), 19(1) and 21(1). These requirements include (a) the full name and any trading names used and (b) the date of incorporation, registration or formation which is evidenced by a Certificate of Incorporation / Registration or its equivalent which is considered to be information on legal form and proof of existence. By providing the foregoing information, it must be presumed that the company was properly established and set up. Paragraph 19 and 20 AML/PTF Code which inter alia includes (a) the name of the trust but does not require information on the legal form and proof of existence of the trust extend to partnerships or other entities created between parties which lack separate legal personality. 139. (b) In the case of legal persons, the articles of association (the regulation and powers) are only required where there is a low risk (Paragraph 17(2) AML/PTF Code) and does not apply generally and additionally there is no requirement to provide the memorandum of association. Paragraph 16 (2)(k) AML/PTF Code requires the names of persons occupying a senior management position. In the case of legal arrangements, there is no requirement to provide the powers that regulate and bind. Paragraph 19(2)(iv) and 20(1)(c) AML/PTF Code requires the identification of the trustee and the verification of the appointment of the trustee and the nature of his duties. Identification information is also required for each protector or enforcer of the trust as well as information on each beneficiary with a vested right and each beneficiary or each person who is an object of a power. Requirements do not extend to partnerships or other entities created between parties which lack separate legal personality. 140. (c) Paragraph 16 AML/PTF Code requires in the case of a legal entity information on the mailing address, the principal place of business as well as the registered office or if it does not have a registered office the address of the head office. Paragraph 19 (1)(v) AML/PTF Code requires the mailing address of the trustees but does not extend to partnerships or other entities created between parties which lack separate legal personality. 141. Criterion 10.10: The TCI does not have a stepped process for identifying a beneficial owner but has discrete steps which are to be followed. (a) FIs are required to apply CDD measures, which as defined by Regulation 5(2)(b) AMLR. These provisions include determining who are the natural persons that ultimately own or control the customer that is not an individual. Similar requirements are included in Regulation 11 AMLR. (b) FIs are required to obtain identification information on individuals who are ultimate holders of 10% or more of a legal entity (Paragraph 16(2)(j) AML/PTF Code) and FIs are also required to take reasonable measures to verify the identity of the beneficial owners of a legal entity. There are no measures to identify the natural persons exercising control if there is doubt that they are the beneficial owners. (c) Paragraph 17(1)(a) AML/PTF Code outlines measures, which would allow for the identification of the relevant natural person exercising control in the entity.
Mutual Evaluation Report of the Turks and Caicos Islands
178 │
142. Criterion 10.11: (a) Paragraph 19 (1) (a) AML/PTF Code requires FIs to obtain identification information on trustees, settlors, beneficiaries or class of beneficiaries, and protectors or enforcers of trusts. The verification of the identity of each trustee, settlor and protector or enforcer of a trust is required in Paragraph 20(1)(b) AML/PTF Code. FIs are required by Paragraph 19(1)(a)(viii) AML/PTF Code with regard to trusts to also obtain identification information on each beneficiary with a vested right and each beneficiary who is an object of a power. Additionally, Paragraph 19 (1) (a)(ix) AML/PTF Code requires the identification of any other natural persons who exercises effective control over the trust including through a chain of control / ownership. Paragraph 20(2)(a) of the AML/PTF Code restricts the verification of the identity of the persons identified in paragraph 19(1) to when there is a higher level of risk. (b) Paragraph 5 (1) (f) of the AML Regulations requires customer due diligence measures and ongoing monitoring of customers and beneficial owners of customers. There is no requirement for verifying the identity of persons in positions equivalent or similar for partnerships or other entities created between parties which lack separate legal personality. 143. Criterion 10.12: FIs that carry on insurance business are required to have measures for identifying each beneficiary under any long term or investment linked policy and to verify the identity of each beneficiary (Regulation 5(2)(c) AMLR). Additionally, Regulation 11(6B) requires a financial business to determine if there exists any beneficial owner of the beneficiary at the time of pay-out and identify the beneficial owner of the beneficiary at the time of pay-out. Further, paragraph 12A AML/PTF Code replicates in verbatim the requirements of (a), (b) and (c) of the criteria. 144. Criterion 10.13: Regulation 13 (2A) and (2B) of the AMLR requires a financial business to include the beneficiary of a life insurance policy as a relevant risk factor in determining whether enhanced due diligence measures are applicable, and where a determination is made that carrying out relevant financial business with a beneficiary presents a higher risk, the person shall perform enhanced customer due diligence including reasonable measures to identify and verify the identity of the beneficial owner of the beneficiary, where applicable, at the time of pay-out. 145. Criterion 10.14: FIs are required to carry out CDD measures which include verifying the identity of the customer and beneficial owner before establishing a business relationship or conducting an occasional transaction: Regulation 11(1)(a) AMLR. Regulation 11(4)(5) AMLR allows for verification after the establishment of the business relationship if (a) it is essential not to interrupt the normal conduct of business, (b) there must be little ML/TF risk (c) verification occurs as soon as reasonably practicable and (d) the ML/TF risks are required to be effectively managed. 146. Criterion 10.15: Regulation 11(6A) AMLR requires financial businesses to adopt risk management procedures concerning conditions under which a customer may utilise a business relationship prior to verification. 147. Criterion 10.16: FIs are required to apply CDD measures at appropriate times to existing customers as determined on a risk-sensitive basis: Regulation 11(1)(c) AMLR. This provision does not include the criteria of materiality of existing accounts or whether or when CDD measures have previously been undertaken and the adequacy of data obtained. 148. Criterion 10.17: FIs are required to apply EDD measures for specific listed situations and for any other circumstance which can present a higher risk of ML/TF: Regulation 13(2)
Mutual Evaluation Report of the Turks and Caicos Islands
│ 179
AMLR. 149. Criterion 10.18: There are no provisions which allow FIs to apply simplified CDD measures53. 150. Criterion 10.19: (a) If a financial business is unable to apply customer due diligence measures before the establishment of a business relationship or before the carrying out of an occasional transaction, the financial business shall not establish the business relationship or carry out the occasional transaction: Regulation 12 (1) AMLR. Regulation 12 (2) allows for the financial business to terminate the business relationship with the customer if it is unable to complete the verification of the identity of a customer, third party or beneficial owner after the establishment of a business relationship. (b) Regulation 12 (4) allows for financial businesses to consider whether it is required to make a ML disclosure or a TF disclosure if it does not open the account or terminates the business relationship. 151. Criterion 10.20: Measures in paragraph 32A of the AMLRs satisfies the criteria as it provides that where a MLRO forms a suspicion of ML/TF and reasonably believes that satisfying ongoing customer due diligence requirements of the Regulations and AML/PTF Code for a customer or customer due diligence of the AMLR and AML/PTF Code for an applicant for business will tip-off a customer or an applicant, the MLRO shall instruct that the financial business to not complete the customer due diligence requirement of the AMLR and AML/PTF Code but the MLRO shall file a suspicious activity report. Weighting and conclusions
152. There are some CDD requirements present with the laws and different enforceable means for which financial businesses in the TCI are required to comply with. Financial businesses in the TCI are prohibited from keeping anonymous accounts and accounts in fictitious names. Financial businesses are required to conduct CDD measures on both legal and natural persons including when acting or purporting to act on behalf of a customer. However, there is no requirement to ensure that the person is so authorised to act. CDD measures extend to legal persons and arrangements to ensure among other things that BO is identified. However, there are deficiencies that exist within the laws and the other enforceable means. These include the absence provisions the identity of persons in equivalent or similar position for partnerships and some other legal arrangements. Additionally, the requirements for identifying the beneficial owners of legal persons are not progressive or based on a stepped approach. There are measures to conduct CDD on a risk sensitive basis but not on the basis of materiality. Measures are in place to postpone CDD when a financial business suspects that performing such would lead to tipping off. R.10 is rated Partially Compliant.
Recommendation 11 – Record-keeping
153. Recommendation 11 (formerly R. 10) was rated PC in the 3rd Round MER based on the finding that there were no requirements for FIs to maintain records of the identification data, account files and business correspondence for at least 5 years following the termination of an account or business relationship. In the 3rd FUR, it was noted that the deficiencies were addressed
53 Regulation 15 AMLR as cited by the authorities deals with timing of CDD measures rather than simplified CDD measures.
Mutual Evaluation Report of the Turks and Caicos Islands
180 │
in Regulations 18 and 19 of AMLR. 154. Criterion 11.1: S.18 (1) of the AMLR requires a financial business within the jurisdiction is required to keep records as specified in sub regulation (2) and such additional records including those relating to each transaction carried out in the course of any business relationship or occasional transaction. S.19 (1) AMLR requires records to be kept for 5 years beginning on the completion of the occasional transactions and the termination of the business relationship. Paragraph 36 (1)(b) of the AML/PTF Code requires records relating to transactions to include the currency and the amount of the transaction as well as the details of the counterparty including account details which would allow for the delineation of transactions into domestic and international. S.36 (2) AML/PTF Code reinforces the provisions in the AMLR and require FIs to maintain all customer files and business correspondences relating to a business relationship or occasional transaction within the 5-year prescribed period. The AMLR and AML/PTF Code’s provisions on record keeping are written in broad enough language to capture both international and domestic transactions. 155. Criterion 11.2: Section 18(2) AMLR captures the records required to be kept under this criterion while s.19 obligates that the said records should be kept at least 5 years beginning on completion of the transaction (including occasional transactions) and termination of the business relationship. Paragraph 37(d)(i)-(iv) AML/PTF Code also requires financial businesses to keep records of analysis done on customer’s CDD information and includes reviews of and the conclusions reached in respect of (i) complex transactions; (ii) unusual large transactions; (iii) unusual patterns of transactions, which have no apparent economic or visible lawful purpose; and (iv) customers including natural and legal persons and transactions connected with countries which do not apply, or insufficiently apply, the FATF Recommendations or are the subject of UN or EU countermeasures. Further, Regulation 28(1)(e) AMLR requires ongoing monitoring policies, systems controls to, inter alia, be designed to establish whether there is a rational explanation, an apparent economic or visible lawful purpose for unusual or higher risk activity or transactions identified and require a written record to be kept of the conclusions of the financial business. 156. S.36(1)(h) AML/PTF Code has similar provisions, requiring that the conclusions of examinations carried out in respect of the following be maintained for the 5 year period: (a) unusual or higher risk activity or transaction to determine the background and purpose of that activity or transaction; or (b) to establish whether there is a rational explanation or apparent economic purpose for the activity. This provision however limits the circumstances under which the record of results of analysis must be maintained, contrary to the broad obligation embodied under the criterion that the results of any analysis be recorded. 157. Criterion 11.3: Transaction records must include sufficient information to enable the reconstruction of individual transactions: Regulation 18(3) AMLR. Transaction records kept by a financial business shall contain sufficient details to enable a transaction to be understood and enable an audit trail of the movements of incoming and outgoing funds or asset movements to be readily constructed: Paragraph 36(3) AML/PTF Code. 158. Criterion 11.4: A financial business is required to keep specified records and such additional records in a form that enables them to be made available on a timely basis, when lawfully required, to the FSC or law enforcement authorities in the Islands: Regulation 18 (1) AMLR. Additionally, sub-regulation (1A) requires (a) if the records are in the form or hard copies kept outside the TCI, that the copies are available within seven working days; (b) if the records
Mutual Evaluation Report of the Turks and Caicos Islands
│ 181
are not in the form of hard copies (such as records kept on a computer system), that they are readily accessible in or from the Islands and that they are capable of retrieval without undue delay. Further, sub-regulation (1B) provides that a financial business may rely on the records of a third party in respect of the details of payments and transactions by customers. S.23 FSCO enables the FSC through notice, to obtain documents within seven working days. 159. S.28(1) and (2) FIAO allows the FIA to obtain the information in a timely manner. Additionally, S.141 POCO enables a police officer or a senior police officer to apply to a judge for a customer information order. While there are no measures for FIs to ensure CDD and are made available to authorities swiftly, the mentioned provisions allow authorities to request information from FIs. For example, FIs must provide requested information to their supervisors, including and transaction records, within a period of time which is specified by the supervisor on each request. Authorities can also seek a customer information order to obtain data from FIs. Once these directions are issued, FIs usually have seven days to provide the documents requested. Weighting and conclusions
160. R.11 is rated compliant.
Recommendation 12 – Politically exposed persons
161. This Recommendation (previously Recommendation 6) was rated NC in the 3rd Round MER because requirements concerning PEP did not extend to regulated persons; lack of a requirement for senior management for establishing and continuing business relationships with PEPs, and limited knowledge of the requirements to conduct EDD measures for high risk customers who are PEPs. These shortcomings were addressed in subsequent follow up reports through the adoption of Guidance related to PEPs in 2009; and amendments to the POCO in 2010 and the enactment of the AML/PTF Code in 2011. 162. Criterion 12.1: (a) - (d) The measures applicable to PEPs are prescribed at Paragraph 13 of the AML/PTF Code and Regulation 13 (2) (d) of the AMLR. These measures fully address the requirements that financial businesses: establish, maintain and implement appropriate risk management systems to determine whether a customer, third party or BO is a PEP; ensure that no business relationship is established with a PEP unless there is prior approval of the board or senior management; obtain the approval of the board or senior management before continuing a business relationship with a customer a third party or BO who is subsequently identified as a PEP, subsequent to the establishment of the business relationship; take reasonable measures to establish the source of wealth and the source of funds of customers, third parties and BO identified as PEPs; and apply enhanced due diligence and monitoring on a risk-sensitive basis of the relationship with the PEP. 163. Criterion 12.2: The obligations for foreign PEPs are equally applies to domestic PEPs and PEPs from international organisations as neither the POCO, AMLR and the AML/PTF Code make any differentiation between them. 164. Criterion 12.3: The requirement that FIs apply the PEP measures to family members and close associates of all types of PEPs is covered by Paragraph 13 (1)- (5) AML/PTF Code and Regulation 13 AMLR. 165. Criterion 12.4: Insurance business must undertake CDD measures to identify each
Mutual Evaluation Report of the Turks and Caicos Islands
182 │
beneficiary under any long term or investment-linked policy issued or to be issued by the financial business and verify the identity of each beneficiary: Regulation 5(2)(c) AMLR. Further, FIs are required to take reasonable measures before or at the time of pay out to (1) determine whether a beneficiary or BO of the policy is a PEP; (2) inform senior management before dispensation under the policy; (3) conduct scrutiny on the whole of the business relationship and file an STR if necessary: Paragraph 13 AML/PTF Code. Weighting and conclusions 166. R.12 is rated Compliant.
Recommendation 13 – Correspondent banking
167. Recommendation 13 (formerly R. 7) was rated NC in the 3rd Round MER as the assessors noted there was no legal framework in the TCI which specifically deals with the issue of correspondent banking relationship. 168. Criterion 13.1: The definition of correspondent banking as contained in regulation 7 of the AMLR accords with that of the Standards. (a) A bank which proposes to be a correspondent bank shall, inter alia, apply CDD measures on the respondent banks using a risk-based approach that takes into account the bank’s customer base, including its geographic location, its business that includes the nature of services it provides and how it conducts due diligence on its customers, whether or not relationships are conducted by the respondent on a non-face-to-face basis and the extent to which the respondent bank relies on third parties to identify and hold evidence of identity on, or to conduct other due diligence on, its customers. It is also the correspondent banks responsibility to determine from publicly available sources the reputation of the respondent bank and the quality of its supervision. A bank is prohibited from entering into a correspondent banking relationship where it has knowledge or suspicion that the respondent or any of its customers are engaged in ML/TF. There are no requirements which require a financial business to gather information about whether the respondent institution has been subject to regulatory action (Paragraph 42 (c)(d) and (j) AML/PTF Code). The definition of bank in S.2 AML/PTF Code includes a bank which holds a licence and certain other activities identified in Paragraph 1(d)(i) to (ix) of Schedule 2 which does not include money or value transfer services and underwriting and placement of life insurance and other investment related insurance as required by the definition of FIs in the Standards. This deficiency will cascade into (b) to (d). 169. (b) A correspondent bank shall assess the respondent bank’s AML/CFT systems and controls to ensure that they are consistent with the requirements of the FATF Recommendations (Paragraph 42(e) AML/PTF Code). Deficiencies in c.13.1(a) cascades to the criterion. 170. (c) Not only does a correspondent bank needs the prior approval of senior management before entering into a new correspondent banking relationship, but also senior management is to ensure that the correspondent relationship and its transactions are subject to annual review (Paragraph 42 (f) and (h) AML/PTF Code). Deficiencies in c.13.1(a) cascades to the criterion. 171. (d) In addition, the correspondent bank is required to ensure that the respective AML and CTF responsibilities of each party to the correspondent relationship are understood and properly. (Paragraph 42 (g) AML/PTF Code). Deficiencies in c.13.1(a) cascades to the criterion. 172. Criterion 13.2: Legislation does not apply to all activities in the FATF Standard’s definition of FIs (see c.13.1 (a)) and impacts the criterion and sub-criteria. Where a correspondent
Mutual Evaluation Report of the Turks and Caicos Islands
│ 183
bank provides customers of a respondent bank with direct access to its services, whether by way of payable through accounts or by other means, it shall ensure that it is satisfied that the respondent bank in accordance with the s.43 AML/PTF Code — (a) has undertaken appropriate customer due diligence and, where applicable, enhanced customer due diligence in respect of the customers that have direct access to the correspondent bank’s services; and (b) is able to provide relevant customer due diligence information and verification evidence to the correspondent bank upon request. 173. Criterion 13.3: Legislation does not apply to all activities in the FATF Standard’s definition of FIs (see c.13.1 for gap in definition). Any bank that is, or that proposes to be, a correspondent bank is prohibited from entering or maintaining relationships with any respondent bank that is a shell bank and is also prohibited to maintain relationships with any respondent bank that itself provides correspondent banking services to shell bank (s.42 (a)-(b) AMLR). Regulation 7 of the AMLR defines shell bank in accordance with the Standards. Weighting and conclusions
174. The cited provisions do not fully satisfy the requirements of c.13.1 as they do not apply to other similar arrangements and has a cascading effect on the other criteria. There is no provision to require the gathering of sufficient information to determine whether the respondent bank has been subject to regulatory action. Other requirements apply to banks and not to financial institutions as required by the FATF Standards. R.13 is rated Partially Compliant.
Recommendation 14 – Money or value transfer services
175. This Recommendation (formerly SR. VI) was rated PC in the 3rd Round MER since money service providers had not yet been licensed within the TCI and the AML/CFT legislative framework applicable to money service providers had not been effectively implemented. The deficiencies noted for R.5 as it pertains to customer identification such as lack of proper beneficial ownership (BO) requirements; R.6 PEPs and Rs.11 and 21 in relation to transaction monitoring also apply to money service providers. The new element in this R. is the requirement to actively identify and sanction unlicensed or unregistered Money or value transfer service (MVTS) providers. 176. Criterion 14.1: The Money Transmitters Ordinance (MTO) regulates activities conducted by money service businesses (MSB) and requires that such businesses be licensed to carrying on the following services - money transmission; cheque cashing; currency exchange; the issuance, sale or redemption of money orders or traveller’s cheques; and such other services as the Governor in Cabinet may specify by notice published in the Gazette. There is no definition of the term money transmission and this term appears to be restricted to only money and does not include payment of a corresponding sum in any other form to a beneficiary by means of a communication, message, transfer or through a clearing network to which the MVTS provider belongs. The MTO does not apply to persons licensed under the Banking Ordinance or Trustee Licensing Ordinance to carry on money service business in conjunction with other business unless such licensed person is operating as an agent or franchise holder of an MSB. In the case of MTOs, transactions can only be undertaken in cash and the business of banking means the business of accepting deposits of money which may be withdrawn or repaid on demand or after a fixed period or after notice, and the employment of those deposits in whole or in part by lending
Mutual Evaluation Report of the Turks and Caicos Islands
184 │
or any other means for the account and at the risk of the person accepting such deposits. The latter is broad enough to encompass the element of the acceptance of cash, cheques, other monetary instruments or other stores of value and the payment of a corresponding sum as embodied in the definition of MVTS in the FATF Standards. Any person who carries on MSB without obtaining a license under s. 5 of the MTO commits an offence (s.4(1) MTO) and s.5(1) states that any person desirous of carrying on money service business may make an application in writing to the FSC for grant of a license. 177. Criterion 14.2: S.4 MTO also creates an offence where a person carries on operation of an MSB without first obtaining a licence and is liable on summary conviction to a fine of USD 10,000, and USD 1000 per day in the event of a continuing offence and a term of 1-year imprisonment. This appears to be proportionate and dissuasive. The authorities have not provided any information on the proactive measures taken to identify natural or legal persons which carry on MVTS business without a licence. 178. Criterion 14.3: The definition of financial business in Paragraph 1(b) of Schedule 2 AMLR includes MSBs. MSBs are subject to monitoring by the FSC, the AML/CFT Supervisory. 179. Criterion 14.4: All MTOs in TCI are licensed. All sub-agents operate under an approved licensed issued by the FSC. They are required to be registered and pay annual renewal fees under a guideline note published in 2015. In practice, licensed MVTS are held ultimately responsible for complying with the AML/CFT legislation. 180. Criterion 14.5: Paragraph 50(2) AML/PTF Code requires a person who carries on money or value transfer services to require his or its sub-agents to follow his or its AML/CFT compliance programme and monitor those sub-agents for compliance with the AML/CFT compliance programme. It is nevertheless unclear to the assessment team as to which types of entities carry on transfer of services activities since it is not defined in either the MTO or POCO, its Regs or Code. Weighting and conclusions
181. MSBs are subject to licensing requirements administered by the FSC, which is also the supervisory authority for all entities which conduct financial business. The scope of the activities regulated under the MTO do not include all of those captured in the FAT Standards. Sanctions available for unlicensed MSBs are proportionate and dissuasive. However, there are no pro- active measures which are taken to identify natural or legal persons which carry on MVTS business without a licence. R.14 is rated Partially Compliant.
Recommendation 15 – New technologies54
182. Recommendation 15 (formerly R.8) was rated PC in the 3rd Round MER with the highlighted deficiencies being the absence of provisions for FIs to have in place such measures
54 The FATF revised R.15 in October 2018 and its interpretive note in June 2019 to require countries to apply preventive and other measures to virtual asset service providers and virtual asset activity. This evaluation does not assess TCI’s compliance with revised R.15 because, at the time of the on-site visit, the FATF had not yet revised its assessment Methodology accordingly. TCI will be assessed for technical compliance with revised R.15 in due course, in the context of its mutual evaluation follow-up process.
Mutual Evaluation Report of the Turks and Caicos Islands
│ 185
as may be needed to prevent the misuse of technological developments in ML/TF schemes. TCI addressed these deficiencies with the adoption of the AML/PTF Code (Section 6(2)). 183. Criterion 15.1: S.4 AML/PTF Code requires FIs to assess their ML/TF risks soon after the start of business, and in conducting such assessments to give particular consideration to the development of new products and services, new business practices, delivery mechanisms, technologies new or developing technologies for new and pre-existing products. A financial business is required to regularly review and update the risk assessment if there are material changes to any of these matters. There are no similar provisions applicable to the country and is therefore noted as a deficiency. 184. Criterion 15.2: S.4 (4) AML/PTF Code specifically provides that risk assessments must be conducted prior to the launch or use of such products, practices and technologies. The risk assessment must also be executed with a view to managing and mitigating the risks identified. In addition, the board of the financial business also has responsibility for ensuring that the business manages and mitigate the risks identified in a risk assessment. Weighting and conclusion
185. The jurisdiction has satisfied most the requirements of the Recommendation. However, there is no requirement for the country to identify and assess the M/TF risk with new products and new business practices and the other requirements that are set out in c.15.1 which is an important element in the Recommendation. R.15 is rated Partially Compliant.
Recommendation 16 – Wire transfers
186. This Recommendation (formerly SR. VII) was rated NC in the 3rd Round MER since there were no measures dealing with domestic, cross-border and non-routine wire transfers, no requirements for intermediary and beneficial FIs handling wire transfers and no requirements for effective monitoring of compliance with the requirements of SR.VII. The deficiencies were addressed by measures set out in Part 9 of the AML/PTF Code and by the FSC enforcing the requirements of the AML/PTF Code. 187. Criterion 16.1: This recommendation applies to FIs. Paragraph 47 AML/PTF Code refers to payment service providers (PSPs) who are defined as a person whose business includes the provision of transfer of funds services which means a transaction carried out on behalf of a payer through a PSP by electronic means with a view to making funds available to a payee at a PSP, irrespective of whether the payer and the payee are the same person. The latter definition accords with that of wire transfer in IN 16 and it does not appear that PSPs are considered FIs since they are not included in the list of financial businesses or DNFBPs in Schedules 1 and 2 of the AML/PTF Regs. This ambiguity cascades throughout the analysis of this Recommendation. 188. (a) All PSPs of a payer to ensure that every transfer of funds is accompanied by full originator payer information: Paragraph 47(1) AML/PTF Code. Full originator information is defined in Paragraph 44 AML/PTF Code to include the name and account of the payer together with the payer’s address and either the payer’s date and place of birth or customer identification number or national identity number or where the payer does not have an account, a unique identifier that allows the transaction to be traced. The PSP is required to verify the full originator information before transferring any funds. The above measures are applicable to all wire transfers over USD 1,000: Paragraph 47(3) AML/PTF Code. The required details for and obligation for
Mutual Evaluation Report of the Turks and Caicos Islands
186 │
verification of full originator information comply with the criterion. 189. (b) Paragraph 47(3A) AML/PTF Code requires a PSP of the payer shall collect beneficiary and payee information including the name and account number or unique transaction reference in order to facilitate the traceability of the transaction. There is no obligation for FIs to ensure that all cross-border wire transfers of USD/EUR 1,000 are always accompanied by the required beneficiary information. 190. Criterion 16.2: Cross-border batch file transfers are required to contain complete information on the payer and the account number of the payer or a unique identifier: Paragraph 47(2) AML/PTF Code. There is no requirement for the batch file to contain full beneficiary information that is fully traceable within the beneficiary country. 191. Criterion 16.3: (a) The requirement of Paragraph 47(1) AML/PTF Code for full originator payer information is applicable to all wire transfers and will therefore include transfers below USD 1,000 and mobile telephone or any other digital or information technology device prepaid and not exceeding USD 1,000) (Paragraph 47(5)). However, there is an exemption from this requirement for payments under USD 1,000 made with electronic money (Paragraph 46(3)) which is defined as a claim on the issuer which (a) is stored on an electronic device; (b) is issued on receipt of funds of an amount not less in value than the monetary value issued; and (c) is accepted as means of payment by persons other than the issuer. As such not all transfers under USD 1,000 are required to have full originator information. (b) Paragraph 47(3A) AML/PTF Code applies to all cross-border transfers, mobile telephone or any other digital or information technology device but does not include electronic money. 192. Criterion 16.4: FIs are required to carry out CDD measures which include verification where there is a suspicion of ML/TF: Regulation 11(1)(b)(i) AMLR. This will include wire transfers as required by this criterion. The deficiency under c.16.1 applies. 193. Criterion 16.5: Domestic wire transfers need not be accompanied by full originator information but only by the account number of the payee or a unique identifier that allows the transaction to be traced back to the payer, where the payer does not have an account number: Paragraph 47(7) AML/PTF Code. The PSP of the payer is required to make available to the PSP of the payee the full originator information within 3 days of a request: Paragraph 47(8) AML/PTF Code. Access to appropriate authorities by other means is described in the subsequent paragraph. The deficiency under c.16.1 applies. 194. Criterion 16.6: Paragraphs 47(7) and 47(8) AML/PTF Code comply with the requirements of this criterion. In instances where the PSP is required to produce information; this must be produced within 3 working days. Provisions are included for the unique identifier to trace the transaction to the originator if an account number is not available. The deficiency under c.16.1 applies. 195. Criterion 16.7: The PSP of the payer is required to keep records of full originator information on the payer and the beneficiary for a period of at least 5 years: Paragraph 47(6) AML/PTF Code. The deficiency under c.16.1 applies. 196. Criterion 16.8: Paragraph 47(11) of AML/PTF Code prohibits a PSP from executing a wire transfer if it is not in receipt of the required payer and beneficiary information as required in sub regulations (1) to (10). Deficiencies identified in the analysis of c.16.1 - 16.3 are relevant. 197. Criteria 16.9: Intermediary PSPs are required to ensure that any information it receives
Mutual Evaluation Report of the Turks and Caicos Islands
│ 187
on the payer and beneficiary that accompanies a transfer is kept with the transfer: Paragraph 49(2) AML/PTF Code. 198. Criterion 16.10: An intermediary payment provider that uses a system with technical limitations which prevents the information on the payer from accompanying the transfer is required to keep records of all the information on the payer and beneficiary that it has received for at least 5 years: Paragraph 49(6) AML/PTF Code. 199. Criterion 16.11: Paragraph 49(2A) of the AML/PTF Code requires a PSP to take reasonable measures to identify cross border wire transfers that lack required originator or beneficiary information. There is no indication that the reasonable measures must be consistent with straight through processing. 200. Criterion 16.12: Paragraph 49(2B) of the AML/PTF Code requires an intermediary PSP to put risk-based policies and procedures in place for determining when to execute, reject or suspend a wire transfer lacking the required originator or beneficiary information and the appropriate follow-up action. 201. Criterion 16.13: Paragraph 48 (2A) of the AML/PTF Code requires a PSP of the payee to take reasonable measures, including post-event or real-time monitoring, to identify transfers that lack the required originator or beneficiary information. 202. Criterion 16.14: Paragraph 48 (2B) of the AML/PTF Code requires a PSP of the payee, for transfers of USD 1,000 or more verify the identity of the beneficiary, if the identity has not been previously verified, and to maintain this information for five years. 203. Criterion 16.15: Paragraph 48 (4A) AML/PTF Code stipulates that a PSP of a payee shall adopt risk-based policies and procedures for determining when to execute, reject or suspend a wire transfer where the required originator or beneficiary information is incomplete and the resulting procedures to be applied. 204. Criterion 16.16: Paragraph 50 (1) AML/PTF Code requires a person who carries on money or value transfer services and its agents to comply with the relevant AML/CFT requirements relating to its business, including wire transfer arrangements in all countries in which it operates either directly or through their agents. It is unclear as to which types of entities carry on transfer of services activities since it is not defined in either the MTO or POCO, its Regs or Code. 205. Criterion 16.17: Paragraph 48(5) AML/PTF Code stipulates that missing or incomplete information should be a factor in the risk-based assessment of a PSP of the payee as to whether a STR should be filed. The above provision is the only obligation a MVTS provider is required to consider in making an STR regarding a wire transfer. Additionally, it is only applicable to the beneficiary side of the wire transfer. None of the requirements of the criterion is detailed. 206. Criterion 16.18: s. 11-15 TAFA, as extended to the TCI, deal with freezing actions in compliance with UNSCRs 1267 and 1373 and their successor resolutions and provides that a person must not deal with or make funds or financial services, or economic resources available to designated persons or for benefit of designated persons and provides for the freezing of assets by FIs. Weighting and Conclusion 207. The measures provided by the TCI to address the requirements of this Recommendation
Mutual Evaluation Report of the Turks and Caicos Islands
188 │
speaks to PSPs and not FIs. There is no indication that PSPs are considered as FIs as they are not included in the definition of FIs in the AML/CFT regulations. The foregoing deficiency therefore has a cascading impact on the criteria. Nevertheless, there are measures in place to address wire transfer despite the other deficiencies that exist. Cross-border batch file are required to contain all relevant information with exception of beneficiary information that is fully traceable. There is also the requirement originator information for transaction below USD 1000.00 except when payment is made with electronic money. The requirement to keep records within the stipulated timeline is present. PSPs are prohibited from executing wire-transfers without the relevant information including the payee and beneficiary information. There are provisions in place for the originating, intermediary and beneficiary institutions despite some of the deficiencies that exist. PSPs are required to take reasonable measures to identify cross-border wire-transfer that lacks required beneficiary and originator information. PSPs are also required to adopt risk-based policies and procedures. The requirements to consider as to whether a STR/SAR should be filed is limited. Requirements to apply TFS-TF measures are sufficient. R.16 is rated Partially Compliant. Recommendation 17 – Reliance on third parties 208. This Recommendation (formerly R. 9) was rated PC during the 3rd Round MER. The deficiencies identified then included: lack of a requirement (1) for FIs relying on a third party to immediately obtain from that party basic CDD information; and (2) requiring FIs to ensure the third party is regulated and supervised and has measures in place to comply with the CDD requirements. In the 5th FUR, some progress was made in satisfying the requirements of R.17 with enactment of the AML/PTF Code (specifically, s.27) in 2011. 209. Criterion 17.1: Regulation 14(1) of the AMLR permits a financial business to rely on an introducer or intermediary which is a regulated business or a foreign regulated person to apply CDD measures and the financial business remains liable for any failure to CDD measures. Such introducer or intermediary must consent to being relied upon to apply CDD measures which as described in Regulation 5 of the AMLR includes identifying the customer, identifying each beneficial owner, determining who are the natural persons that ultimately own or control the customer that is not an individual, information on the purpose and intended nature of the business relationship or occasional transaction. 210. (a) The intermediary or introducer is required to provide information at the request of the financial business, including information on the purpose and intended nature of the business relationship without delay: Regulation 14(2) AMLR. In addition, FIs that intend to rely on intermediaries are required to obtain immediately in writing information about the customer including information verifying the identity of the ultimate beneficial owner: Paragraph 27(1)(e) AML/PTF Code. 211. (b) Before relying on an intermediary or introducer to apply CDD on its behalf, a financial business is required to immediately obtain an adequate assurance in writing from these third parties that they will provide, inter alia, CDD information upon request. The intermediary or introducer will, without delay., provide the information to the financial business at the request of the financial business (Paragraph 27(1)(c)(iii) AML/PTF Code). 212. (c) An introducer, intermediary or foreign person must be regulated and has procedures in place to undertake CDD measures in accordance with, or equivalent to, the AML/CFT Regulations and the Code. Given the deficiencies noted in the analysis of Recommendation 10, this is not
Mutual Evaluation Report of the Turks and Caicos Islands
│ 189
equivalent to the introducer, intermediary or foreign regulated person having requirements in line with Recommendations 10. This is a less stringent measure as required by the FATF Standards (Paragraph 27(1)(a) AML/PTF Code). 213. Criterion 17.2: Paragraph 11(3) of the AML/PTF Code refers to risk factors which a financial institution should consider when undertaking a risk assessment of a customer and it includes country risks. By definition, an intermediary is a customer of a financial institution, so country risks would be considered. The financial institution must also take into consideration the risk of the country in which the introducer would be based: s.14 (2A) AMLR. 214. Criterion 17.3: TCI does not have specific rules governing a FIs reliance on third parties that are a part of the same financial group to which the FI belongs. Weighting and Conclusion 215. The requirements permitting reliance on third parties to undertake CDD measures are not entirely consistent with R.10 given the deficiencies that exist. R.17 is rated Partially Compliant. Recommendation 18 – Internal controls and foreign branches and subsidiaries 216. Recommendation 18 is a combination of former R. 15 and 22. Former R. 15 was rated PC in the 3rd Round MER since applicable requirements for the implementation of an internal control framework and policy manuals of supervised entities did not address the issue of CFT. An independent audit function to test compliance with procedures, policies and controls on AML/CFT was not required. Requirements to keep training records of employees and screening procedures for hiring new employees in accordance with the AMLR were not effective. Additionally, R.22 was rated ‘NC’ because there were no provisions to determine compliance with AML/CFT rules and regulations by TCI’s FIs subsidiaries in foreign jurisdictions. R.18 now includes an additional requirement of an independent audit function for internal controls and financial group AML/CFT programmes. 217. Criterion 18.1: Paragraph 4(1) of the AML/PTF Code not only requires FIs to carry out and document a risk assessment but also requires them to design and establish policies, systems and controls that comply with the requirements of the AMLR and the AML/PTF Code. These must take particular account of the organisational structure of the financial business including the extent to which it outsources activities. 218. (a) Additionally, each non-sole trader financial business (unless granted express exemption from this requirement by the FSC) to appoint a ‘Money Laundering Compliance Officer’ (MLCO) to ‘oversee and monitor the financial business’ compliance with the Ordinance, all legislation in force concerning TF, the AMLR and the AML/PTF Code: Regulation 21 of the AMLR. Paragraph 9 of the AML/PTF Code further specifies that this person must be inter alia sufficiently senior and independent to perform the function and required to satisfy the criteria of the Fit and Proper Test Guideline issued by the Commission for all officers. These requirements are further expounded on in the Guideline for the Appointment of Regulatory Licensees’ Compliance Officers, MLCOs and MLROs. As part of its ongoing supervision of FIs, the Commission maintains records of the appointments of MLROs and MLCOs and assesses whether persons are satisfactorily executing the functions in line with statutory requirements, as part of the scope of its AML/CFT on-site examinations. 219. (b) Employee screening - An FI is required to implement appropriate risk sensitive
Mutual Evaluation Report of the Turks and Caicos Islands
190 │
policies, systems and controls including policies and controls relating to the screening of employees (Regulation 17(1)(d) AMLR). Financial businesses are required to ‘vet the competence and probity of employees whose duties relate to the provision of relevant business at the time of their recruitment and at any subsequent change in role’ and further require that ‘their competence and probity is subject to ongoing monitoring’: Paragraph 33(c) of the AML/PTF Code. Additionally, s.41 FSCO indicates that the Fit and Proper Test applies to the director, a key employee or the compliance officer of a licensee. In addition, the FSC as a Regulator/Supervisor, has set out requirements for screening key employees in the Fit and Proper Test Guideline issued by the Commission. 220. (c) Ongoing employee training - A financial business shall take appropriate measures to make employees aware of AML/PTF policies, systems, procedures and controls maintained by the financial business in accordance to the AMLR and the AML/PTF Code; TCI law relating to ML/TF offences: Regulation 20(1) of the AMLR. Additionally, a financial business is required to provide employees with training in the recognition and handling of transactions or conduct carried out on or behalf of any person who is or appears to be engaged in ML/TF: Regulation 20(2) of the AMLR. Regulation 20(3) AMLR requires that training includes the provision of information on current ML techniques, methods, trends and typologies. Further, financial businesses should provide at least basic AML/CFT training to all employees , and ensure that training, inter alia: is tailored to the organisation and its unique vulnerabilities; covers employees’ legal obligation to disclose; explains the risk-based approach to ML/TF prevention and detection; highlights the importance of each employee’s individual contribution to the FIs AML/CFT programme; and is provided as soon as practicable after appointment of staff: Paragraph 33(1) and (2) of the AML/PTF Code. 221. (d) Independent audits - Regulation 17(1)(e) of the AMLR states the requirements of financial businesses to have a system of internal controls. Paragraph 6(3) AML/PTF Code further requires financial businesses to maintain an adequately independent audit function to test compliance with their policies, systems and controls established under the Regulations. Reviews of compliance with AML/PTF Regulations are required to be undertaken by the MLCO to add a further degree of independence: Paragraph 9(1) AML/PTF Code. 222. Criterion 18.2: Financial businesses which are part of a group, where either a branch (which includes a representative or contact office) is located or a subsidiary is incorporated outside TCI, are permitted to implement group-wide AML/PTF programmes that comply with the AMLR and AML/PTF Code in respect of any business carried on through the branch (including with respect to compliance management arrangements (including the appointment of a compliance officer at the management level), employee screening, ongoing employee training, independent audits, etc.); and ensure that the AMLR and AML/PTF Code are complied with by the subsidiary with respect to any business that it carries on: Regulation 10 of the AMLR. Additionally, paragraph 6A of the AML/PTF Code requires a financial group or other person carrying out financial business through a similar financial group arrangement shall implement group-wide programmes against money laundering and terrorist financing, which are applicable, and appropriate to, all branches and majority-owned subsidiaries of the financial group. These programmes shall include (a) the procedure set out in regulation 17 of the AML/CFT Regulations and regulations 6 and 33;(b) policies and procedures for sharing information required for the purpose of CDD and ML/TF risk management;(c) the provision, at group-level, of compliance, audit and AML/CFT functions, of customer, account, and transaction information from branches and subsidiaries when necessary for AML/CFT purposes;(d) adequate safeguards on the
Mutual Evaluation Report of the Turks and Caicos Islands
│ 191
confidentiality and use of information exchanged. 223. Criterion 18.3: If the country in which a branch or subsidiary of a financial business is situated has more stringent standards with respect to the prevention of ML and TF than are provided for in the AMLRs and the Code, the relevant financial business shall ensure that the more stringent requirements are complied with by its branch or subsidiary: Regulation 10(3) AMLR. Also, where the laws of the foreign country do not permit this, the Commission must be informed in writing and, to the extent that the laws of the foreign country permit, the relevant financial business must apply alternative measures to ensure compliance with the FATF 40 Recommendations and to deal effectively with the risk of ML and TF: Regulation 10(4) AMLR. Weighting and Conclusion 224. R.18 is rated Compliant. Recommendation 19 – Higher-risk countries 225. TCI was rated NC for this recommendation (formerly R. 21) in the 3rd Round MER. The main shortcoming identified was that there was not an effective AML/CFT regime for treating with higher risk countries and most FIs did not observe the level of compliance of the foreign jurisdiction when establishing international business relationships. Progress in addressing these issues were noted in the 3rd, 6th, 7th and 8th FURs with the enactment of the AMLR (Regulation 13(2)(b)) and other measures. 226. Criterion 19.1: A financial business shall, on a risk sensitive basis, apply enhanced due diligence measures and undertake enhanced ongoing monitoring to business relationships and transactions with natural and legal persons from countries for which this is called for by the FATF, EU or the UN: Regulation 13 AMLR. 227. Criterion 19.2: (a) Regulation 29 AMLR vests the financial supervisor with the power to direct financial businesses to impose countermeasures which regulate or prohibit transactions with legal and natural persons in prescribed countries pursuant to a call by the FATF to do so. The language in Regulation 29 however suggests that the financial supervisor may in its discretion decide not to direct a financial business to institute countermeasures when it should. Furthermore, this regulation does not include any language requiring that the application of the countermeasures be proportionate to the risks. 228. (b) There is no information demonstrating that the TCI can independently impose countermeasures of a call by the FATF to do so. The authorisation that the AMLC has under s. 116 POCO relates to actions it can take only where countries have been subjected to sanctions or countermeasures by FATF, UN or EU, not about countermeasures the country can impose on its own without regard for a call by FATF to do so. 229. Criterion 19.3: The AMLC is authorised to advise about weaknesses in the AML/CFT systems of countries subject to sanctions or countermeasures of FATF, UN or EU: s.116 POCO. The FSC also include links on its website in relation to sanction lists of the UK, EU, FATF and the UN to notify reporting entities of weaknesses and concerns in the AML/CFT systems of other countries. These links are updated and current. In addition, the FSC issues notices to its licensees via email and publication on its website (http://tcifsc.tc/news/public-notices) of concerns about weaknesses in the AML/CFT systems of other countries. Weighting and conclusions
Mutual Evaluation Report of the Turks and Caicos Islands
192 │
230. Measures are in place to apply risk based EDD to business relationships and transactions from countries when called upon by the FATF to do so. A mechanism is also in place for FIs to be advised about weaknesses in the AML/CFT regime of other countries. However, the country’s ability to apply countermeasures when called upon to do so by FATF is embodied in the regulations in discretionary language that suggests that the obligation may not be applied. There is also no requirement for these countermeasures to be applied on a risk-sensitive basis. The ability by TCI to independently apply countermeasures of any call by FATF is not provided for. R. 19 is rated Partially Compliant.
Recommendation 20 – Reporting of suspicious transaction
231. TCI was rated PC for R. 20 (formerly R. 13 and SR. IV) in the 3rd round MER. Several deficiencies were highlighted relating to inadequate guidance to regulated entities on STR reporting and timeframes for reporting, among others. In its 13th FUR, TCI took some of the actions to address these gaps, including but not limited to revision of its STR form and distributed same with attached guidance to all stakeholders and its AML/PTF Code. 232. Criterion 20.1: Where a person who knows or has reasonable grounds for knowing or suspecting that another person is engaging in ML, TF, or criminal activity and the information came to his knowledge during the course of a relevant business, he shall promptly report after it came to him to the relevant MLRO or to the FIA in the form or manner, if any, specified by the FIA: s.127 POCO. FIs have a duty to disclose to the FIA information relating to property of a terrorist organisation or a person who commits acts of terrorism or participates in or facilitates the commission of acts of terrorism or the financing of terrorism within 24 hours from when FI has reasonable grounds to form the suspicion: s.16A POTO. This requirement is also reflected in the FIA’s Guidance on Suspicious Activity and Suspicious Transaction Reporting. 233. Criterion 20.2: The requirement for FIs to report attempted suspicious transactions, regardless of the amount, relating to the proceeds of crime and TF is provided for under 32(1) (aa) AML/PTF Code. Weighting and conclusions 234. R.20 is Compliant. Recommendation 21 – Tipping-off and confidentiality 235. TCI was rated C for R.21 (formerly R.14) in the 3rd Round MER. The recommendation was revised in November 2017 and now mandates that tipping-off does not inhibit information sharing under R.18. 236. Criterion 21.1: No proceedings for breach of confidentiality may be instituted against any person or against any director, officer or employee of a FI who in good faith transmits or submits suspicious transactions reports or other reports to the FIA in accordance with POCO: s. 176C POCO. S.32 FIAO outlines similar protections. 237. Criterion 21.2: Any person who discloses the fact that a suspicious transaction report or any other report has been filed with the FIA or that an investigation has commenced, otherwise than in the proper exercise of his duties commits an offence: s.30B FIAO. The provisions do not inhibit information sharing under R.18.
Mutual Evaluation Report of the Turks and Caicos Islands
│ 193
Weighting and Conclusion
238. R.21 is rated Compliant.
Recommendation 22 – DNFBPs: Customer due diligence
239. TCI was rated NC with these requirements (formerly R.12) during the 3rd Round MER based on the fact that there was not an AML/CFT supervision and regulation regime for most DNFBPs, precluding them therefore from being required to comply with CDD requirements. Improvements on this issue were made through the amendments/adoption respectively in 2009 and 2010 of the POCO and the AMLR. 240. Criterion 22.1: DNFBPs are required to comply with the CDD Requirements of Recommendation 10 which is given effect under TCI law through Part II AMLR and Part 3 AML/PTF Code. All DNFBPs are required to comply with the CDD provisions set out in the AML/PTF Code and AMLR, including identifying the customer and its beneficial owners and understanding the nature of the business. The deficiencies noted in the analysis under R.10 also apply to DNFBPs. 241. (a) Schedule 2, s.1(I) AMLR defines financial business to include operating a casino whenever a transaction involves USD 3,000 or more, which would indicate that as a DNFBP, casinos are required to conduct CDD on these transactions. Under this definition however, casinos are required to conduct CDD for only a single transaction, and not also for multiple transactions that are linked but fall within the threshold as required by the criterion. Further, casinos have a duty to ensure that they are able to connect CDD information for a particular customer to the transaction conducted by that customer in the casino. 242. (b) As financial businesses, Realtors are subject to the CDD requirements (Part II AMLR and Part 3 AML/PTF Code), but as they are not defined under the laws, it is not clear that they are required to apply CDD measures with respect to both the purchasers and vendors of property. 243. (c) The definition of a high-value dealer under Regulation 2 AMLR includes transaction in precious stones and metals of at least USD 15,000, which means they are required to conduct CDD measures in those scenarios (Part II AMLR and Part 2 AML/PTF Code). As financial businesses however, DNFBPs are also subjected to the gaps identified in R.10. 244. (d) Regulations 2 AMLR, lawyers, notaries, and other independent legal professionals are defined in respect of the functions noted in the criterion and required to conduct CDD when performing these activities (Part II AMLR and Part 2 AML/PTF Code) DNFBPs are also subjected to the deficiencies identified in Recommendation 10. 245. (e) Company service providers and trust companies, carrying out the activities noted in the criterion, are licensees subjected to the CDD requirements (Part II AMLR and Part 2 AML/PTF Code) DNFBPs are also subjected to the deficiencies identified in R.10. 246. Criterion 22.2: R.11 is rated compliant and the requirements therein apply to DNFBPs. 247. Criterion 22.3: DNFBPs are required to comply with the requirements for PEPs as set out in Recommendation 12: s.5(2)(c) AMLR; Paragraph 13 (1)-(5) AML/PTF Code. The AML/CFT requirements under Recommendation 12 regarding the duty of identification, due diligence, and the refusal to carry out transactions for PEPs, as well as the noted gaps in those
Mutual Evaluation Report of the Turks and Caicos Islands
194 │
rules, are applicable to DNFBPs. 248. Criterion 22.4: DNFBPs are required to comply with the new technologies’ requirements set out in Recommendation 15, the deficiencies in which are relevant. 249. Criterion 22.5: As financial businesses, DNFBPs are subject to the reliance on third- parties’ requirements in Recommendation 17: ss.14, 17 AMLR; ss. 11(3), 27(d) 102 AML/PTF Code. The shortcomings identified in Recommendation 17 are also applicable to DNFBPs. Weighting and Conclusion
250. As financial businesses under TCI laws, DNFBPs are required to comply with CDD requirements, including in respect of the situations set out in the Recommendation. Casinos are however only required to conduct CDD measures for a single transaction of USD 3,000 or more, which is not in keeping with the broader requirement for such due diligence to be conducted with respect to multiple transactions. There is also no express requirement for real estate agents to apply CDD as regard both the purchasers and vendors of property. The deficiencies noted in R.10, 15 and 17 are applicable to DNFBPs. R.22 is rated Partially Compliant. Recommendation 23 – DNFBPs: Other measures
251. TCI was rated NC with former R.16 during the 3rd Round MER based on the fact that there was not an AML/CFT supervision and regulation regime for most DNFBPs, precluding them therefore from being required to comply suspicious transaction reporting requirements. Improvements on this issue was made through the amendments/adoption respectively in 2009 and 2010 of the POCO and the AMLR. 252. Criterion 23.1: (a)-(c) The legal requirement to report suspicious transactions is applicable to DNFBPs: s.127 POCO, s.16A POTO and 32 (1) (aa) AML/PTF Code. Pursuant to the analysis above, R.20 is Compliant. 253. Criterion 23.2: Requirements of R.18 are fully satisfied and also applies to DNFBPs. 254. Criterion 23.3: The deficiencies identified in the AMLR and POCO in relation to higher risk countries in R.19 are also applicable to DNFBPs. 255. Criterion 23.4: Any person who discloses the fact that a suspicious transaction report or any other report has been filed with the FIA or that an investigation has commenced, otherwise than in the proper exercise of his duties commits an offence: s.30B FIAO. The provision applies to all persons and is therefore interpreted to mean that same applies to directors and employees. Weighting and Conclusion
256. DNFBPs are required to comply with AML/CFT obligations to report suspicious transactions and establish and implement ML/TF risk mitigation and prevention controls. The deficiencies noted in R.19 apply to DNFBPs. R.23 is rated Partially Compliant.
Recommendation 24 – Transparency and beneficial ownership of legal persons
257. This Recommendation (formerly R.33) was rated PC during the 3rd Round MER. The recommended actions included the development of guidelines that FIs must follow in the event
Mutual Evaluation Report of the Turks and Caicos Islands
│ 195
that issued bearer shares in a company for which they represent are held outside the TCI; development of procedures to deal with instances where bearer shares are held by an institution outside the TCI and where the TCI licensed Company Manager or Company Agent is required to submit a certificate issued by an authority and that to ensure that all legal persons are made aware of the requirements of the POCO and the Code regarding the procedure for reporting suspicious transactions. The actions taken by TCI during the Follow-Up process were the issuance and use of bearer shares were abolished; the procedure for STR reporting was reinforced as part of the FIAs on-going outreach and awareness seminars; the FIA updated its STR and SAR forms in relation to both STRs/SARs and Terrorist Property Reporting and provided guidance in relation to it, including BO. 258. Criterion 24.1: (a) Information on the types, forms and basic features of legal persons in TCI can be found in the Companies Ordinance (CO 2017) and the Limited Partnership Ordinance (LPO). 259. (b) S.9 CO 2017 deals with information to be provided when incorporating a company. Once the Registrar is satisfied that an application for incorporation complies with the requisite law, the Registrar shall register the documents filed; allot a unique number to the company; and issue a certificate of incorporation: s.10(1) CO 2017. With respect to limited partnerships, the applicant has to file a statement containing the firm’s name, general nature of the partnership, address of the registered office, term for which the partnership is for and full name of the general partner and pay the prescribed fee: s.7 LPO. Any changes in the foregoing must be filed with the Registrar: s. 8 LPO. 260. Additionally, the FSC shall maintain a register of beneficial owners of companies (s. 156 CO 2017). Further, the applicant shall provide the FSC with the prescribed BO information in relation to each person who will be a registrable person in relation to the company: s.9(3) CO 2017. As it related to Limited Liability Partnerships (LLPs), BO information is not obtained and recorded.55 261. Criterion 24.2: The AMLC has completed an NRA of ML and TF risks faced by the country which assessed the risks of legal persons and identified exempt companies as most susceptible (para 429). However, the threats and vulnerabilities associated with LLPs were not assessed in the NRA. It is important to note that 90% of LLPs are regulated, registered by a CSP and required to provide and maintain BO information. Therefore, these measures aid in mitigating any risk that may be posed to LLPs. 262. Criterion 24.3: The Companies Registry is responsible for the incorporation and registration of legal persons. The Registrar of Companies maintains a Register of Companies incorporated or continued under the CO 2017, a Register of Foreign Companies and a Register of Charges: s.290 (1) CO 2017. Pursuant to s. 9 CO 2017, the articles of incorporation which shall include the address of the registered office (s. 42 (3) (b) CO 2017), company name and legal form and status (s.13 CO 2017). Further, section 112(1) (b) of CO 2017 requires the registered agent to within one month of incorporation of the company to file with the Companies Registry a notice of appointment of any director. With regard to the publicly availability of basic information, s.293 CO 2017 allows any person to apply to the Registrar to inspect or receive
55 The legislation which describes the requirements of both sub-criteria is available on the FSC’s website (http://tcifsc.tc/).
Mutual Evaluation Report of the Turks and Caicos Islands
196 │
copies of corporate documents filed with the registry. 263. Under the LPO, the Registrar maintains a register of limited partnerships. Pursuant to s.7(1) LPO basic information is required and this includes the firm’s name, the general nature of the firm’s business, the address, the term nor duration of the partnership and the full name and address of each general partner. S.7(3) LPO states that the Registrar shall maintain a record of each firm and the records shall be open to inspection by the public. 264. Criterion 24.4: Companies must keep the following documents at the office of its registered agent: the articles of incorporation (which contains basic regulating powers), register of members, register of directors, register of charges, a copy of each notice and other document field by the company in the previous 10 years: s. 132 (4) CO 2017. Also, a company is required to keep a list of members and directors and the relevant shareholding power: s. 85 (1) (a)-(h) CO 2017. Further, this information shall be available for inspection and be kept maintained at the office of the registered agent or registered office of the company: s.132 (3) CO 2017. Pursuant to s.7(3) LPO, the Registrar shall maintain a record of each firm registered under the LPO. S.9(1) LPO requires that the general partners shall maintain or cause to be maintained at the registered office of the firm a register in writing which shall contain the name and address, amount and date of contribution or contributions of each partner and the amount and date of any payment representing a return of any part of the contribution of any partner. 265. Criterion 24.5: Where a company keeps a hard copy of any register at the office of its registered agent or its registered office, it shall ensure that (a) an up to date written record of the place where the register is kept is maintained at the office of the registered agent or the registered office; and (b) the copy register is updated within five working days of any change in the register: s.132 (4) CO 2017. Registered agents of companies must perform CDD measures including identifying all customers and beneficial owners of its customer: Regulation 5 AMLR. This should be done before establishing a business relationship or conducting an occasional transaction: Regulation 11(1)(a) AMLR. Regulation 11(2) provides for identification information to be obtained where there is a change in the identification information of a customer, BO of a customer or third parties, or the BO of third parties. The beneficial owners of companies must be ascertained and identified: s.149 CO 2017. The company has a duty to keep the particulars in the BO register up to date and breach of this requirement carries a penalty of USD 50,000: s.153 CO 2017. Further, registered agents are licensed and subject to AML oversight by the FSC, including compliance visits: s.32 FSCO. 266. Pursuant to s.8(1) LPO, LLPs are required to specify to the Registrar any change in any matter specified in s.7(1) of the LPO (basic information) within 15 days. Failure to comply with this requirement carries a penalty of USD 25 for each day or part of the day during which the default continues: s.8(4). Additionally, where there are any changes in the register maintained by the LLP under s.9(1), the register shall be updated within 21 days of any change thereof. Failure to comply with this requirement carries a penalty of USD 500 for each general partner: s. 9(3). Regulations 5 and 11(1)(a) AMLR are also applicable to LLPs. 267. Criterion 24.6: Companies are required to ascertain and identify all persons who are beneficial owners of companies (s.149(1) CO 2017), maintain a beneficial ownership register (s.152(1) CO 2017) and keep the information up to date (s.153(1) CO 2017). A company shall keep its BO register at the office of the registered agent (ss.132(1) and 132(2)(d) CO 2017). Where the information is maintained electronically, at any time the document must be available for inspection or capable of being produced in hard copy (s.132(3) CO 2017). The register must
Mutual Evaluation Report of the Turks and Caicos Islands
│ 197
be updated within 5 working days of any change in the register (s.132(4) CO 2017). 268. The LPO does not require that the partnership or the Registry obtain and hold up to date BO information. However, in TCI a general or limited partner may be a company and therefore all the foregoing requirements under CO 2017 will apply. For those partnerships that are not companies, beneficial ownership information is obtained through the business licensing process as outlined in the Business Licensing Ordinance (BLO). Ss. 2 and 3 require that a limited or general partnership carrying on business in the TCI must be licensed by the Business Licensing Unit. Ss. 5 and 8 BLO specify the type of information that must be provided before registration. This information includes ownership details including name, number of shares and interest in any business. Additionally, limited partnerships have registered agents as such where a partner is a company, all provisions of the CO 2017 in relation to obtaining and keeping updated BO information would apply. As stated above, ss. 8 and 9 LPO requires that the information on the Registers be updated. 269. Criterion 24.7: Part IX CO 2017 requires that companies establish and maintain a BO registry. Any changes in BO information should be recorded and the registry kept up to date: s.152 (2) CO 2017. Further, companies are required to file with the Registrar all BOs and changes within 14 days: s.157 CO 2017. S. 164 (a)-(d) POCO details the powers of the FSC for the purposes of carrying out its functions, which includes at any reasonable time the FSC may enter and inspect any premises occupied or used by a designated non-financial business and profession, whether in or outside TCI or examine and make copies of documents to ensure compliance by DNFBPs. LLPs who are not companies are required to provide written disclosures of changes in its particulars are notified to the Permanent Secretary, Ministry of Finance. This would include changes regarding the details of the partner and the controlling interests of any partners which are companies: s.8 BLO. 270. Criterion 24.8: All companies are required to appoint and at all times have a Registered Agent (s.44) who shall be licensed under the CMLO. This Agent is responsible for collecting, recording and filing BO information and changes. Further, it is a requirement for companies to provide information on BO changes to the FSC thereby keeping the BO information up to date: s.157 CO 2017. There is a penalty of USD 50,000 for failing to adequately maintain the BO: s.157(4) CO 2017. The mechanism that the TCI employs to ensure that agents render assistance and co-operate with competent authorities is s.23 FSCO. This section provides that where reasonably required by the Commission for the discharge of its functions or for ensuring compliance with a request from a competent authority the Commission may, by notice in writing request the specified information from the Agent. All LPs have a registered agent and are customers of CSPs and in accordance with Reg.5 and 11 AMLR must obtain and maintain BO information on the LP. This information can be compelled by the FSC pursuant to its powers under s.23 FSCO. 271. Criterion 24.9: Records of BO information must be kept for a period of 5 years by financial businesses beginning on the day the business relationship ends: Regulation 19 AMLR. Further, information on the BO Registry pursuant to Part IX CO 2017 has to be retained by the FSC for at least 20 years from the dissolution of the company: Regulation 23 of the Beneficial Ownership Regulations (BOR) 2017. Regulation 19 AMLR is also applicable to LLPs. 272. Criterion 24.10: Information on the BO registry can be made available to RTCIPF and any person or authority prescribed by the BOR 2017: s.159 CO 2017. This information is to be provided in a timely manner: s.159 (1A) BOR. Regulation 25 BOR grants access to information
Mutual Evaluation Report of the Turks and Caicos Islands
198 │
stored in the Companies Registry to only the RTCIPF. However, the FSC has a duty to cooperate with competent authorities acting in pursuant of the Act or other persons who are responsible for the prevention or detection of financial crimes: s.28 FSCO. Co-operation may include the sharing of documents and information. Further, s.293 CO 2017 allows any person to access basic information in registries maintained by the Registrar once the fee prescribed is paid: Schedule 3, line 40 Companies Regulation 2018. The foregoing also applies to partnerships i.e. that the FSC has to cooperate with competent authorities. 273. Criterion 24.11: Bearer shares and share warrants are prohibited, and it is an offence for a Company to issue a bearer share, convert a share to a bearer share or exchange a share for a bearer share: s. 53 CO 2017. Section 2 of CO 2017 defines bearer shares to include a share warrant to bearer. 274. Criterion 24.12: TCI permits nominee shareholders and directors: s.2 CMLO. A nominee director must disclose the identity of their nominator: Regulations 14A and 14B Companies Regulations 2018. This information is available to the Registrar who can make inquiries, inspect, examine and make copies of the documents. Pursuant to paragraph 2 of the Schedule 2 (Code of Conduct) of the CMLO a company manager (a licensee) is subject AML/CFT requirements and must take steps to identify, among other things, the beneficial owner of all voting or dividend earning shares of a company. 275. Criterion 24.13: The FSC can take enforcement action against a licensee who is in contravention of a financial services ordinance including the CMLO: s.33 (1) (a) FSCO. Penalties include issuance of a directive or revocation of license: s.33(2) FSCO. Further, a financial business that breaches the requirement to identify and verify a beneficial owner is guilty of an offence and liable on summary conviction to a fine of USD 50,000: Regulation 11 AMLR. The penalty for failure to give notice to the FSC of particulars of its beneficial owners and of any update in BO is USD 50,000: s.157(4) CO 2017. Failure to maintain a BO register and record changes results in a fine of USD 50,000: s.152(5). Failure to keep information in the BO register up to date carries a criminal penalty of USD 50,000: s.153(3). The FSC is empowered to take enforcement action against a licensee (including registered agents) for AML/CFT contraventions: s.33 AMLR. Failure by a company to keep its BO register at the office of the registered agent, making electronically information available for inspection or capable of being produced in hard copy, to update the register within five working days of any change in the register is an offence and carries a fine of USD 30,000: s.132 (5). Additionally, failure to provide BO information to the FSC is an offence and carries a fine of USD 50,000: s.157(4) CO 2017. The FSC may imposes a final penalty for breaches of the Ordinance including penalties in relation to ss. 152, 153 and 157 (s.297 and Schedule 2 CO 2017). Further as discussed under Chapter 7- IO.5, the FSC has the power to remove a company from the register for failure to file annual returns. These penalties are proportionate and dissuasive. 276. Criterion 24.14: (a) The power to provide international co-operation is outlined in criterion 37.1 and is applicable to access to basic information held in Companies Registry of the FSC. The FSC may allow access to basic information to any person in a timely manner: s.293 CO 2017. 277. (b) The FSC can disclose protected information to foreign regulatory authorities: s. 51 (g) FSCO. Further, Regulation 27(5) Companies Regulation 2018 states that s.293(2) CO 2017 does not limit the operation of s.51 FSCO with respect to (a) a membership document; or (b) any information contained in a membership document.
Mutual Evaluation Report of the Turks and Caicos Islands
│ 199
278. (c) The FSC is able to use investigative powers (s.29 FSCO), to obtain BO information on behalf of foreign counterparts. This includes the power to: (a) exercise the power conferred on it by s.23 to issue a notice to produce documents or information; (b) apply to the Magistrate under s.26 for the examination of a person under oath; (c) appoint one or more competent persons as examiners to investigate any matter; or (d) disclose information, or provide documentation, in its possession or obtained under paragraph (a), (b) or (c) above to the foreign regulatory authority. 279. Criterion 24.15: The FSC is required to monitor the quality of assistance it receives from foreign countries with respect to basic and BO information and the location of beneficial owners residing abroad: s.28(5) FSCO. Weighting and Conclusion 280. Legal persons can be created under CO 2017 and the LPO. While information was provided on the requirements associated with BO for companies, no such information was provided for LLPs. The jurisdiction did not assess the risks associated with LLPs that can be created in the country despite assessing the risk pertaining to the other legal persons in operation. However, there are measures in place to mitigate any risks that may be associated with LLPs. The registers maintained by the Registrar containing basic information are accessible to the public. Companies are required to maintain basic, shareholder and members registers. Similarly, LLPs are required to maintain a register of basic information on their partners. Information recorded by the Registrar of Companies is accurate and updated. Companies and LLPs are required to establish and maintain a BO registry and to employ an agent responsible for collecting, recording, maintaining and filing BO information and changes. Measures for companies and LLPs to cooperate with foreign authorities exist, with the FSC required to monitor the quality of the assistance they receive from other countries. R.24 is rated Largely Compliant.
Recommendation 25 – Transparency and beneficial ownership of legal arrangements 281. This recommendation (formerly R. 34) was rated PC in the 3rd Round MER. In the 11th FUR TCI reported that training was arranged for the Judiciary, Prosecutors and key law enforcement officials. The FIA was directed by the AMLRA to ensure that all persons associated with legal arrangements were made aware of the requirements of the POCO, the MLRA and AML/PTF Code regarding the reporting of suspicious transactions. The FIU reviewed its training programme to include AML/CFT training on matters relative to legal arrangements. The FIU/FIA partners with the FSC and other stakeholders in facilitating the various AML/CFT seminars and workshops. This Recommendation now includes obligations for all countries whether they recognise trust law or not. Trustees should provide information to the FIs or DNFBPs regarding its establishment as a trustee and guarantee that such information can be accessed by competent authorities in a timely manner. 282. Criterion 25.1: (a) Trustees are considered a financial business (Schedule 2 AMLR) and must in apply CDD measures and obtain accurate and updated information whenever there is a change in the information: Regulation 11 (1) and (2) AMLR. Trustees are required, when identifying a trust, to obtain identification information on the trust in respect of trustees, settlors, protectors, beneficiaries or class of beneficiaries and any other natural person exercising ultimate effective control over the trust: Paragraph 19 (1) AML/PTF Code. Trustees are required to hold and obtain adequate, accurate and current information and update it on a timely basis: Paragraph 19 (4) (b) AML/PTF Code.
Mutual Evaluation Report of the Turks and Caicos Islands
200 │
283. (b) Trustees are mandated to hold basic information on other regulated agents of, and service providers to the Trust: Paragraph 19(4A) AML/PTF Code. 284. (c) A trustee who is a financial business is required to hold records for 5 years (Regulation 19(1) AMLR). 285. Criterion 25.2: Information held by the trustee is required to be kept up to date: Paragraph 19 (1) (b) AML/PTF Code. Paragraph 20 AML/PTF Code satisfies the requirement for ensuring the accuracy of the information. Also, on-going monitoring of a business relationship which includes keeping the documents, data or information obtained for CDD purposes up to date and relevant by undertaking reviews of existing records is provided under Regulation 5(5)(b) AMLR. 286. Criterion 25.3: Trustees are required to disclose their status to FIs and DNFBPs when forming a business relationship or carrying out an occasional transaction: Paragraph 19 (4B) AML/PTF Code. 287. Criterion 25.4: The FSC is empowered to obtain from licensed trustees’ information to allow the FSC to carry out its statutory duty. Relevant powers to obtain information include issuing a notice to produce information (s.23 FSCO), and the power to conduct compliance visits (s.32 FSCO). The information that the FSC obtains can be shared with other competent authorities. TCI indicated that trustees are not prevented by legislation from providing FIs and DNFBPs with the information detailed in Paragraphs 19, 20 and 36 of the AML/PTF Code when conducting business. 288. Criterion 25.5: All financial businesses including professional trustees are subject to the AMLR: (Paragraph 1 of Schedule 2 AMLR). The FSC has powers through compliance visits to access the information in paragraphs (a), (b), and (c). Further, the FSC can issue a notice to produce information (s.23 FSCO). This information must be produced within 7 working days (s.23(2)(c)). The FSC also has an obligation to cooperate with authorities both domestic and foreign who are involved in the detection and prevention of financial crimes (s.28 FSCO). Financial businesses must give the FSC access to premises for the purposes of compliance visits. FSC can inspect any asset or review the business and its activities and seek explanation and information from financial businesses: s.32 FSCO and s.164 POCO. Powers of the FIA and RTCIPF are covered under c.29.3 and c.31.1 respectively. 289. Criterion 25.6: (a) The MLA measures outlined in c.37.1 is used to access to basic information held by other domestic authorities. 290. (b) The FSC has a duty to cooperate with foreign regulatory authorities and with persons who have functions in relation to the prevention or detection of financial crime who request assistance under s.28 FSCO. This includes the sharing of documents: s.28(2). 291. (c) The FSC is able to use investigative powers given (s. 29 FSCO), to obtain BO information on behalf of foreign counterparts. This includes (a) exercise the power conferred on it by s.23 to issue a notice to produce documents or information; (b) apply to the Magistrate under s.26 for the examination of a person under oath; (c) appoint one or more competent persons as examiners to investigate any matter; or (d) disclose information, or provide documentation, in its possession or obtained under paragraph (a), (b) or (c) above to the foreign regulatory authority. 292. Criterion 25.7: Pursuant to the AMLR, there are criminal sanctions for professional
Mutual Evaluation Report of the Turks and Caicos Islands
│ 201
trustees where they fail to comply with their obligations. The FSC can impose sanctions for failure to carry out customer due diligence (Regulation 11(7)), enhanced customer due diligence (Regulation 13(3)), and maintain records (Regulation 18(8)). Fine on summary conviction for these contraventions are USD 50,000 which are considered proportionate and dissuasive. 293. Criterion 25.8: Failure to provide information to the FSC or allowing a compliance visit is a contravention of the FSCO and can lead to enforcement and disciplinary action. S.33(1) (a) (i) FSCO provides the ground for enforcement action where a licensee has contravened the FSCO, any AML Ordinance, Regulation or Code. Regulation 18 AMLR specifically imposes a duty on a financial business (which includes a trustee) to keep records in a form that enables them to be available on a timely basis, when lawfully required, by the Commission and law enforcement authorities. Contravention of Regulation 18 is an offence and results in a fine of USD 50,000. Additionally, a financial business is required to keep records in such a manner to enable the FSC, auditors and other competent authorities to assess the effectiveness of systems and controls maintained by the financial business (s.35 AML/PTF Code). Also, failure by a licensee to provide information within 7 days following receipt of a Notice to Produce issued pursuant to s.23 is deemed by the FSC as a contravention of that Section. With respect to cooperating with a compliance visit, s.33(1)(d)(ii) specifically provides the ground for taking enforcement action. S.33 (2) (a)-(g) further sets out the types of action the FSC can take. This includes issuance of financial penalties. A person who fails to comply with a notice issued under s.23 FSCO commits an offence (s.30 FSCO). Weighting and Conclusion 294. R.25 is rated Compliant. Recommendation 26 – Regulation and supervision of financial institutions 295. Recommendation 26 (formerly R.23) was rated PC in the previous assessment. Among the deficiencies was that the legislative regime for licensing and supervision for FIs was not in force and fit and proper requirements did not include an integrity component. Subsequent FURs addressed these and other deficiencies. There has been no substantive change in the Recommendation except for the inclusion of the prohibition of shell banks. 296. Criterion 26.1: S.161(1) POCO designates the FSC as the supervisory authority for regulated financial businesses which includes under Schedule 1 AMLR licensees under the Banking Ordinance, the Trustees Licensing Ordinance, the CMLO, the Mutual Funds Ordinance, the Investment Dealers (Licensing) Ordinance, the Insurance Ordinance and the MTO. A supervisory authority is responsible for monitoring compliance by those financial businesses for which it is responsible, with their AML/CFT obligations: s.161(3) POCO. The above measures provide for the designation of a supervisory authority to monitor compliance of all FIs in TCI with their AML/CFT obligations. 297. Criterion 26.2: All forms of regulated businesses supervised by the FSC (as stipulated in Schedule 1 AMLR) are required to be either licensed or registered under the relevant sections of their governing statutes. (s. 4 Banking Ordinance, Trust Companies (Licensing and Supervision) Ordinance, CMLO and Money Transmitters Ordinance, s, 3 of the Mutual Funds Ordinance, Investment Dealers (Licensing) Ordinance and the Insurance Ordinance). The licensing requirements as set out for the granting of a national banking licence or an overseas banking licence in s.6 Banking Ordinance stipulate that a principal office must be maintained in the jurisdiction and the bank be represented by at least 2 authorised agents. These requirements
Mutual Evaluation Report of the Turks and Caicos Islands
202 │
ensure that no shell bank is established in TCI. TCI laws do not explicitly prohibit the establishment of shell banks in the TCI. However, Regulation 16 AMLR prohibits TCI-licensed banks from entering into or continuing correspondent banking relationship with a shell bank or a bank known to permit its accounts to be used by a shell bank. 298. Criterion 26.3: Financial supervisors are vested with the power to adopt legal and regulatory measures to prevent unsuitable persons from owning, controlling, participating in or having other interests in the directorship or management of an FI: Regulation 30A of the AMLR. This does not extend to the preventing criminals or their associates from being the beneficial owner of a financial institution. 299. Regulation 9 and 10 Banking Regulations require the FSC’s approval prior to the appointment of any director, senior official or auditor of a bank and any issuance, transfer, charge or disposal of shares in a bank. The above does not include beneficial owners. There is no indication for FSC’s approval of the shareholders, beneficial owners, directors and senior managers of licenced applicants as a condition for granting of a licence under the Banking Ordinance. 300. Significant owners, directors, senior managers, auditor and persons undertaking key functions of a licensee are required to satisfy the FSC’s fit and proper criteria on application for a licence and on an ongoing basis. The above measure does not define significant owners and there is no indication if beneficial owners are included: Paragraph 8 Trust Companies Code. 301. Section 6 CMLO requires the FSC to be satisfied that a licence applicant is fit and proper in order to grant a licence. Section 5 requires the applicant to submit the names and addresses of the directors, secretary or resident manager of the applicant. The above provision provides for the assessment by the FSC of the directors and resident manager of the applicant under the CMLO. Shareholders and beneficial owners are not covered nor is there a requirement for approval by the FSC for subsequent changes in shareholders, beneficial owners, directors and management under the CMLO. 302. Sections 7 and 8 Mutual Funds Ordinance require that the FSC be satisfied that each promoter of the applicant mutual fund is of sound reputation in order to recognise, register or license the applicant mutual fund. The above provision does not include beneficial owners, directors and management. Additionally, there is no requirement for approval by the FSC for subsequent changes in beneficial owners, directors and management. 303. Section 7(1) Investment Dealers (Licensing) Ordinance stipulates that the FSC may grant a licence when it is satisfied that the directors, beneficial owners, managers and shareholders of a company or partners in a partnership which is the applicant are fit and proper to hold a licence under the statute. There is no requirement for approval by the FSC for subsequent changes in the directors, beneficial owners, managers and shareholders of a company or partners in a partnership which is a licensee. 304. Regulation 12 and 13 Insurance Regulations require FSC approval prior to the appointment of any director, senior official or auditor of a licensed insurer and any issuance, transfer, charge or disposal of shares in a licensed insurer. The above does not include BOs. However, the application for an insurance licence requires the identification of BOs along with their signed and notarised biographical information, certified passport identification and police records from country of origin, among other things. There is no indication for FSC approval of the shareholders, beneficial owners, directors and senior managers of licence applicants as a
Mutual Evaluation Report of the Turks and Caicos Islands
│ 203
condition for granting of a licence under the Insurance Ordinance. 305. Under s.17(2) MTO licensees are required to apply for FSC approval prior to the appointment of a director or other senior officer. This measure does not include shareholders or beneficial owners. There is no indication for FSC approval of the shareholders, beneficial owners, directors and senior officers of licence applicants as a condition for granting of a licence under the MTO. 306. Criterion 26.4: (a) The information provided by the authorities has not sufficiently demonstrated that FIs are regulated and supervised in keeping with all relevant principles of the Basel Committee on Banking Supervision (BCBS), the International Association of Insurance Supervisors (IAIS) and the International Organization of Securities Commission (IOSCO) or are regulated and supervised in line with these principles. The FSC in the Statement on Consolidated Supervisions and the FSC’s Role as a Host Supervisory has put in place measures to comply with the relevant BCBS principles on consolidated group supervision. The TCI was also assessed in 2015 by the IMF under the Financial Sector Assessment Program. The assessment included a full review against the Core Principles for Effective Banking Supervision and TCI received ratings of either ‘Compliant’ or ‘Largely Compliant’ in 15 of the 29 Core Principles. No details were provided as to the specific Core Principles that were rated as compliant or largely compliant. A technical assessment of the insurance sector was also conducted by the FSAP team, but no detailed ratings were provided. The TCI attained membership in IOSCO in 2016 and has not yet been assessed against the IOSCO Core Principles. 307. (b) FIs including MVTS providers are subjected to monitoring of their compliance with AML/CFT obligations by the FSC. Regulation 22A AMLR requires an RBA to the supervision of financial businesses including MVTS. 308. Criterion 26.5: The frequency and intensity of AML/CFT supervision is required to be determined on the basis of the ML/TF risks and policies, internal controls, and procedures of the FIs/groups, ML/TF risks present in the country, and the characteristics of FIs/groups: Regulation 22A(1) AMLR. 309. Criterion 26.6: S. 22A (2) AMLR requires the FSC to undertake measures consistent with the requirement of this criterion. Weighting and Conclusion 310. The FSC is the designated supervisor responsible for regulating FIs compliance with AML/CFT obligations. All FIs under the FSC are required to be either registered or licensed. Measures for ensuring that criminals or their associates do not own, control or manage FIs are not consistent for all types of FIs and do not cover all relevant parties, such as BO. No information has been provided to demonstrate that core principle FIs are regulated and supervised for AML/CFT purposes in line with the principles of the BCBS, the IAIS and IOSCO. The frequency and intensity of on-site and off-site supervision of FIs will now be based on an assessments of ML/TF risks, and the FSC is required to develop its own assessment of the ML/TF risk profiles of FIs or groups. R.26 is rated Partially Compliant. Recommendation 27 – Powers of supervisors 311. This Recommendation (formerly R.29) was rated PC in the 3rd Round MER. The main problem identified was that the FSC did not have the authority to impose financial sanctions independently. Issues related to effectiveness were highlighted, mainly respecting the issuance
Mutual Evaluation Report of the Turks and Caicos Islands
204 │
of examination reports to regulated entities as well as limitations in the FSC’s ability to conduct follow up supervision arising from deficiencies identified during on-site inspections. These deficiencies were addressed by amendments to POCO and the AMLR and enactment of the Financial Services (Financial Penalties) Regulations. There is no revision to the Recommendation other than supervisors should have powers to supervise and monitor compliance. 312. Criterion 27.1: As the supervisory authority for FIs, the FSC is responsible for monitoring their compliance with AML/CFT obligations and taking appropriate enforcement actions for breaches of said requirements: s.161(3) POCO. S.161(4) POCO provides for the FSC to have the information gathering and enforcement powers provided under the FSCO in acting as the designated supervisory authority. 313. Criterion 27.2: The FSC has the authority to conduct inspections of FIs: s.32 FSCO. 314. Criterion 27.3: The FSC has the power to compel the production of specified information or documents required for the FSC to carry out its functions under any Ordinance: s.23 FSCO. This provision would allow the FSC to compel information necessary for monitoring compliance with AML/CFT obligations under s.161(3) POCO. The FSC can executes these powers without a court order. 315. Criterion 27.4: The FSC is able to take enforcement action against a licensee for contravening the AMLR or such ordinances or codes relating to ML or FT as may be prescribed for meeting the function of ensuring compliance with AML/CFT obligations: sub-section 33(1)(a)(ii) FSCO. The enforcement actions (as stipulated in s.33(2)) include: (a) revoke or suspend the licensee’s license under s.34 FSCO; (b) issue a directive under s.37 FSCO; (c) appoint an examiner to conduct an investigation under s.35 FSCO; (d) require the licensee to appoint a qualified person under s.36 FSCO; (e) apply for a protection order under s.38 FSCO; (f) where the licensee is a company, petition the Court for the winding up of the licensee under s.92 CO 2017; and (g) impose a financial penalty on the licensee which, in accordance with Part VII FSCO, is referred to as disciplinary action. With regard to these measures, issuing a directive as set out in s.37 FSCO, enables the FSC to impose prohibitions, restrictions or limitations on the financial services business of the licensee. 316. The FSC can also require the licensee to take appropriate action with a directive. S.36 FSCO allows the FSC to appoint a qualified person to advise the licensee on the proper conduct of its business and affairs. A protection order allows for the protection or preservation of the business or property of a licensee whose license is about to be revoked, a former licensee or a person carrying on unauthorised financial services business. Procedures for the imposition of financial penalties are set out in ss. 45 - 49 FSCO. The above measures provide for a range of supervisory sanctions which can be applied on a proportionate basis. 317. Under Regulation 3 Financial Services (Financial Penalties) (Amendment) Regulations, the FSC can impose a range of financial penalties against directors/officers and licensees for AML/CFT violations. Where a director or officer has been reckless or intentionally allowed a contravention, a financial penalty of between USD 5,000 and USD 50,000 can be applied. For licensees, the financial penalty is between USD 10,000 and USD 500,000. The FSC also has the power under this provision to apply additional financial penalties against a licensee that fails to comply with a directive issued by the FSC.
Mutual Evaluation Report of the Turks and Caicos Islands
│ 205
Weighting and Conclusion 318. R.27 is rated compliant. Recommendation 28 – Regulation and supervision of DNFBPs 319. Recommendation 28 (formerly R.24) was rated PC in the 3rd Round MER. Deficiencies relating to casinos and certain other FIs which were not covered under the AML/CFT regime have been corrected as casinos are now under the regulatory regime of the FSRC and subject to AML/CFT oversight. The new FATF Standard specifically indicates that the systems for monitoring and ensuring compliance with AML/CFT requirements should be performed by a supervisor or SRB. It is also required that the supervisor or SRB take necessary measures to prevent criminals or their associates from being professionally accredited and to have effective, proportionate and dissuasive sanctions. 320. Criterion 28.1: (a) Casinos are required to be licensed by the Governor: ss. 4-13 Casinos Ordinance. Those procedures authorise the Minister or Chief Inspector to make enquiries, including conducting background investigations and audits, to determine the suitability of the applicant or of the persons having control or management thereof. The recently enacted Gaming Control Ordinance will supplement these procedures by incorporating the AML/CFT obligations for DNFBPs set forth in the POCO and AMLR. 321. (b) There are legal and regulatory measures in place to prevent criminals and their associates from holding a significant controlling interest in, being beneficial owners or operators of casinos. S.11(1)(b) Casinos Ordinance prohibits the grant of a casino license if the applicant or its directors and officers have been convicted of an offence involving fraud, dishonesty or violence, or has been convicted of a criminal offence punishable by imprisonment for six months or longer without the option of a fine. The grant of a gaming license is also prohibited where the applicant (legal person) has more than five per centum of the issued share capital represented by bearer securities transferable by delivery only, unless the Minister is satisfied that such company maintains, or has undertaken to maintain, a record of the identity of the persons to whom payments are made in respect of interest or dividends on such securities, and that such record will be available for inspection by any person appointed for the purpose by the Minister (s.11(1)(c)). A gaming license can be cancelled where the licensee fails to exercise proper supervision of the premises or has been convicted (whether within or without the Islands) of a criminal offence punishable by imprisonment for 6 months or longer without the option of a fine (s.15(1)(b)(iii) Casinos Ordinance). Owners and managers of casinos are subject to suitability, financial and criminal background checks. The Casinos Ordinance does not address any vetting and approval requirements for shareholders (that is not the applicant) and beneficial owners of the gaming operation. 322. (c) AML/CFT oversight for casinos is the remit of the Gaming Inspectorate under the Gaming Control Ordinance. Pursuant to Regulations 23(2) AMLR which designates the Gaming Inspectorate as DNFBP supervisor for casino, the Gaming Inspectorate can take enforcement actions against casinos under the POCO. 323. Criterion 28.2: The FSC is the designated supervisory authority responsible for monitoring and ensuring compliance of DNFBPs with AML/CFT requirements: s. 23 AMLR and s.161 (2) POCO. 324. Criterion 28.3: Regulation 23(1) of the AMLR Regs indicates that the FSC as the
Mutual Evaluation Report of the Turks and Caicos Islands
206 │
designated supervisory authority for a financial business that is not a regulated person except casinos. The FSC is authorised under ss.164-166 POCO to take enforcement actions against the DNFBPs under its remit (i.e. legal profession, real estate, accountants and car dealers) for AML/CFT breaches. While these DNFBPs are subjected to registration requirements, which not all of them comply with, there is little to no monitoring for AML/CFT compliance done by the FSC. A similar deficiency, as it relates to AML/CFT compliance monitoring, exist for the remainder of gaming industry, which the TCI has brought under its AML/CFT regime. 325. Criterion 28.4: (a) The FSC has sufficient powers to monitor compliance by the DNFBPs of the AML/CFT requirements: s.164 POCO. 326. (b) DNFBPs are subject to a registration process that requires the submission of an application and accompanying documents, upon which the FSC determines whether or not to register the entity: Regulation 24 AMLR. However, these DNFBPs are not subject to fit and proper assessments or other suitability and qualifications requirements. 327. (c) The DNFBP Supervisor is entitled to take enforcement and disciplinary action against DNFBPs (ss. 165-170 POCO) as provided for in greater details under Recommendation 35. As well, the gaming industry is subject to sanctions for AML/CFT breaches pursuant to the Gaming Control Ordinance. 328. Criterion 28.5: (a) Risk-based supervision of FSC-registered DNFBPs is required consistent with their size, diversity and their understanding of ML/TF risks: Regulation 23A AMLR. Risk-based supervision is however not applicable to the entire gaming industry, only casinos. While Regulation 23A specifically requires DNFBP supervisor to conduct risk-based supervision, Regulation 23(2) AMLR designates the Gaming Inspectorate as the DNFBP supervisor for only casinos, which thereby limits application of 23A to only casinos and not to the remainder of the gaming industry which the TCI has brought under AML/CFT regime given the risks and materiality of the sector. 329. (b) This criterion is addressed for the most part by Regulation 23A AMLR. The deficiency relating to the gaming industry is applicable to this criterion as well. Weighting and Conclusion 330. Casinos, the remainder of the gaming industry and other DNFBPs are subjected to national AML/CFT requirements, including registration and licencing requirements. FSC- registered DNFBPs are however not subject to fit and proper tests and other background checks to determine suitability. There is no vetting requirement for BOs and shareholders of gaming operations. Both the gaming industry and the DNFBPs registered by the FSC are subjected to limited to no monitoring for compliance with AML/CFT requirements. Under current legislative arrangements, risk-based supervision by the Gaming Inspectorate can only be applied to casinos, and not to the other firms within the gaming industry. R. 28 is rated partially compliant. Recommendation 29 - Financial intelligence units 331. TCI was rated NC for R.29 (formerly R.26) in its 3rd Round MER due the fact that: (i) The FCU did not appear to have full operational autonomy; (ii) The FCU has not provided sufficient guidance to FIs; (iii) The FCU had not provided feedback to reporting parties in a formalised and timely manner; and (iv) The FCU does not release periodic reports which include statistics on STRS/SARS, trends and typologies within the sector and an update of its activities.
Mutual Evaluation Report of the Turks and Caicos Islands
│ 207
332. The deficiencies regarding R.26 were addressed as a result of the enactment of the FIAO in 2014, the implementation of guidelines and updated forms for the reporting of STRs/SARs and the publication of annual reports on the work of the FIA on trends and typologies. 333. Criterion 29.1: The FIA is a national centre for receiving, analysing and disseminating disclosures, made under the POCO, and receiving, analysing and disseminating information relating to suspected proceeds of crime, potential ML and ML offences and potential TF and TF offences: s.5 of the FIAO. The FIA was established in accordance with s.3(1) FIAO. 334. Criterion 29.2: (a) The functions of the FIA include, the receipt of disclosures filed by TCIs reporting entities: s.5 (1) FIAO. Where the MLRO of financial business (a) knows or suspects, or has reasonable grounds for knowing or suspecting, that another person is engaged in ML/TF or criminal activity; and (b) the information or other matter on which his knowledge or suspicion is based, or which gives reasonable grounds for such knowledge or suspicion, came to him in consequence of an authorised or protected disclosure or a disclosure made under s.127 that is not an authorised or protected disclosure; he shall disclose the information or other matter as soon as is practicable after it comes to him to the FIA: s.128. (1) POCO. Consequently, the FIA is the central agency for the receipt of disclosures filed by reporting entities in the TCI. (b) The FIA is not required by national legislation to receive any other reports outside of those specified in sub-criterion. 335. Criterion 29.3: (a) The FIA may, in the course of analysing or inquiring into a suspicious transaction report or any other report made to it under this Ordinance or any other enactment or conducting proactive inquiries, request further information from a FI as needed to perform its analysis properly, within a specified time: s.6A (1) FIAO. 336. (b) The FIA has accessed to variety of databases to adequately conduct its functions. The FIA can serve notice in writing on any person, requiring the person to provide the Agency, within such time as the Agency may require, with such financial or other information that it may require to conduct its functions: s. 28 (1) FIAO. The FIA has access to the law enforcement intelligence information held in the RTCIPF intelligence and police records database. The FIA has the ability to request information from other stakeholders such as: TCI Immigration, National Insurance Board, National Health Insurance Plan, Traffic and Road Safety Department, TCI Customs, TCI Business Licence Department, FSC and other local agencies in addition. Further, the FIA may require, such financial, administrative and law enforcement information, including commercially held data, as well as any relevant information collected or maintained by or on behalf of that person: s.28(1) FIAO. 337. Criterion 29.4: (a) The functions of the FIA are to receive, gather, store, analyse and disseminate information relating to suspected proceeds of crime, potential ML and ML offences and potential TF and TF offences, including receiving, analysing and disseminating disclosures made under the POCO, the FIAO amendments further includes that the words ‘analyse’ and ‘analysis’ includes strategic and operational analysis: s.5 (1)(a) FIAO. 338. (b) The FIA has measures to conduct strategic analysis, the specificity and measures which underpin these analyses are outlined in the FIU’s yearly annual reports. 339. Criterion 29.5: The FIA is authorised to disseminate information relating to suspected proceeds of crime, ML and TF offences (s.5(1) FIAO). The FIA is required to disseminate, spontaneously and upon request, using dedicated, secure and protected channels for the dissemination, the results of its analysis and the information to the RTCIPF and any other LEA,
Mutual Evaluation Report of the Turks and Caicos Islands
208 │
foreign financial intelligence authority and any other public bodies: s.5 (3) FIAO. 340. Criterion 29.6:(a) The Agency shall have in place policies governing the security and confidentiality of information, including procedures for handling, storing, dissemination and protection of, and access to information: s.27B FIAO. The FIA has in place a Standard Operations Procedures (SOP) for security implementation document in keeping with this section. 341. (b) The SOP document outlines that staff members are to be issued with key cards which allows them access to the reception area and any other area where a key card is needed to access, different levels of access can be granted based on the needs of the staff member. The SOP mandates that no employee shall disclose anything relating to information received, analysed, or disseminated regarding any report or investigation to a person who is not authorised to receive such information. 342. (c) Also outlined in the SOP and shown to assessors during the on-site is a CCTV monitoring and alarm system as well as window security which prevents access from the outside and door security which includes CCTV coverage, an intercom system and an access card system to monitor and limit access to its facilities. There is a clean desk policy in force, and the IT network is monitored by the IT manager for unauthorised breaches. All workstations are connected to the FIA network and requires a username and password for access to be gained. All workstation information is encrypted to minimise the risk of data theft. 343. Criterion 29.7: (a) The responsibility of day to day management of the affairs of the FIA is vested with the Director (s. 21 (1) FIAO) from which the functions of the said Director are derived. Those functions also include the discharge of the FIA’s Board of Directors functions and such functions and exercise of such powers assigned to or conferred on the Director by the said Board. The functions from which the day to day activities of the FIA are derived are clearly set out at s.5 FIAO, which allows the FIA to receive, gather, store, analyse and disseminate information relating to suspected proceeds of crime, potential money laundering and money laundering offences and potential terrorist financing and terrorist finance offences, including receiving, analysing and disseminating disclosures made under the POCO. Further, to these functions, the FIA has freezing powers which it may exercise during the course of gathering information into a suspicious transaction relating to ML and ML offences, TF and TF offences or financial crimes: s.6 FIAO. Regarding the appointment of the Director, this can only be done by the Governor on the recommendation of the Board of Directors: s.20 (1) FIAO. The Director may be removed from office only for inability to discharge the functions of his office (whether arising from infirmity of body or mind or any other cause) or for misbehaviour: s. 20(5). 344. (b) The FIA may, in connection with its functions, make arrangements for cooperating with bodies or persons in the TCI or a foreign FIU or a foreign law enforcement agency (s. 31 FIAO as amended). 345. (c) The FIA is not located within the structure of another authority. The FIA as a body corporate with distinct clear functions: s.3 FIAO. 346. (d) The FIA has the ability to obtain and deploy its resources through its Board of Directors and the Director. This however is dependent of funding received appropriated from the House of Assembly and the National Forfeiture Funds. The foregoing merely provides mechanism for good governance and oversight of the agency and in no way impedes the ability of the authorities to deploy its resources freely without undue political, government or industry influence or interference.
Mutual Evaluation Report of the Turks and Caicos Islands
│ 209
347. Criterion 29.8: The FIA initially became a member of the Egmont Group since 2008. The FIA was re-admitted into the Egmont Group in March 2018 after meeting the updated Egmont criteria for the establishment of an FIU. Weighting and Conclusion 348. R.29 is rated Compliant. Recommendation 30 – Responsibilities of law enforcement and investigative authorities 349. TCI was rated C for R. 30 (formerly R. 27). Recommendation 30 requires that there should be a designated Law Enforcement Authority (LEA) responsible for ML/TF investigations in a national context. Countries should designate a competent authority to identify, trace and initiate actions to freeze and seize property subject to confiscation. 350. Criterion 30.1: The RTCIPF force is vested with powers under the POCO for ensuring that ML, associated predicate offences and TF offences are properly investigated: s. 134, 136, 138, 140 and 142 POCO and Part IV POTO. The RTCIPF is equipped with the general functions that includes detection of crime and the enforcement of all laws with which it is charged: s. 6 Police Force Ordinance. The FCU was established with the RTCIPF and is tasked with the functions of conducting ML and TF investigations. 351. Criterion 30.2: The TCI has a policy document dated 16th April 2018, issued by the ODPP addressed to prosecutors which directs them that case files that have potential for financial investigation and confiscation should be sent to the FCU for further investigation. The FCU is the only unit within the TCI that has the mandate to investigate all financial crimes including ML/TF and associated predicate offences. 352. Criterion 30.3: The AG makes the requisite application to the court for freezing Orders with respect to property connected to ML offences: s.72 POCO. The RTCIPF is endowed with the power to trace and identify property that may become subject to confiscation (see criterion 4.2 (b)). 353. Criterion 30.4: There are no non-LEAs in the TCI designated to pursue financial investigations into predicate offences. 354. Criterion 30.5: The IC does not have the authority to investigate ML/TF offences arising from, or related to, corruption offences. Weighting and conclusions 355. R.30 is rated Compliant. Recommendation 31 - Powers of law enforcement and investigative authorities 356. TCI was rated C for R. 31 (formerly R. 28). R. 31 expands the powers of LEAs and Investigative Authorities (IAs). Competent authorities should have mechanisms in place to identify whether natural or legal persons hold or control accounts and be able to request information from FIU when conducting relevant investigations. 357. Criterion 31.1: (a) Police officers can request information through the use of a Production Order from FIs, DNFBPs and other natural or legal persons when conducting an investigation into ML or an investigation into criminal conduct: s.134 POCO. A police officer may, for the purposes of a terrorist investigation, apply to a judge of the Supreme Court for an
Mutual Evaluation Report of the Turks and Caicos Islands
210 │
order requiring a person, who appears to have in his possession, custody or power the material to which the application refers: s.4(1) POTO. 358. (b) A police officer can make an application for a search and seizure warrant relative to a ML investigation or investigation into the criminal conduct for the purposes of which the application is made (s.138 of the POCO). Police officers also have the power to search a person once a warrant is executed (s.34 Police Force Ordinance). 359. (c) S.29 Criminal Procedure Ordinance provides for a statement to be provided by the persons accused to be taken by the committing Court. In practice, the taking of statements is done by the police on behalf of the Court. The Police rely on the ‘Judges’ Rules’ and ‘Police Interrogation in England Today’ which provides the procedure which the Police must employ when taking witness statements. 360. (d) A search and seizure warrant allow LEAs to seized and obtain evidence: s.138 POCO. Additionally, ss.1 and 2 Evidence (Proceedings in Other Jurisdictions) Ordinance provides LEAs with the power to apply to the Court for an Order in order seize or obtain evidence on behalf of the requesting country. Furthermore, LEAs can apply to the Court for the production of material relative to TF statements: s.4 of Schedule 3 POTO. 361. Criterion 31.2: (a) There is no formal statutory requirement in the TCI for an undercover operation to be authorised, however there is authority at common law level to conduct undercover operations (R v Looseley). (b) Police officers are equipped with powers to monitor, or intercept communication of persons who are suspected of a criminal offence or charged with a criminal offence by way of a Court Order (s.15(4) Telecommunications Ordinance. (c) LEAs utilise the broad powers contained in search and seizure warrants and production orders to access computer systems. (d) There are no measures in place for conducting controlled delivery operations. 362. Criterion 31.3: (a) There are several measures available to law enforcement and investigative authorities to identify in a timely manner, whether natural or legal persons hold or control accounts: s.142 POCO and s.28 FIAO. (b) There are several investigative tools available with the POCO which allows for competent authorities to identify assets without prior notification. These investigative tools include but not limited to production orders and CIOs (s.134 and 141 POCO) which require persons to provide information in the time period specified. 363. Criterion 31.4: There are MOUs in place for the FCU and IC to request information from the FIA. There is also an MOU between the FIU and Customs department for the sharing of information. All requests from the police to the FIA are channelled through the FCU. The authority under s.5 (3)(a) FIAO must also be noted. Weighting and conclusions 364. Competent authorities are equipped with the relevant powers and investigative techniques to conduct investigation into ML, associated predicate offences, with the exception of the ability to use control delivery. Competent authorities are equipped with measures to identify without the prior consent of the owner. Competent authorities through the use of signed MOUs can request information from the FIU to conduct their functions. R.31 is rated largely compliant. Recommendation 32 – Cash Couriers 365. This recommendation (formerly SR IX) was rated NC in the 3rd Round MER. The
Mutual Evaluation Report of the Turks and Caicos Islands
│ 211
deficiencies identified were that the POCO was not effectively implemented; the Immigration Department had not established any MOUs with its counterparts abroad; and there were no provisions for Authorities in the TCI to notify other countries when there is unusual movement of gold, precious metal and precious stones from their jurisdictions. To remedy the deficiencies TCI recommended that the Immigration Department establish MOUs with Immigration Departments in other jurisdictions and that the Customs Department should notify other countries when there is an unusual movement of gold, precious metals or precious stones from their jurisdictions. As a consequence, TCI in the 10th FUR was considered at a level of compliance equivalent to a LC. 366. The new requirements for the 4th Round are in c.32.2 and c.32.10 and are related to the declaration of currency or BNIs and the existence of safeguards which ensure the proper use of information collected through the declaration/disclosure system. 367. Criterion 32.1: TCI has a declaration system for incoming and outgoing transportation of cash or BNIs: ss.101 (2) and (3) Customs Ordinance. Any person entering and leaving the TCI with any goods or cash or BNIs with a value over USD 10,000 shall make a declaration: s.101 (2) and (3) Customs Ordinance. Additionally, ss.101A and 101B Customs Ordinance cover declarations in relation to sending and receiving cash or negotiable instruments in postal packets and cargo once the value is over USD 10,000. 368. Criterion 32.2: There is a written declaration system for all incoming and outgoing travelers. Consequently, all persons entering the TCI are required to make a written declaration for the purpose of determining whether they have any cash or BNIs with a value over USD 10,000 in their baggage or carried with them. Also, s. 101 (4) and (5) Customs Ordinance provides for a verbal declarations system. A person entering or leaving TCI shall answer any questions as the officer may ask about his baggage (Subsection (4)). Any person failing to make any declaration or declare or produce any baggage or thing or cash or BNIs with a value over USD 10,000 or answer any question commits an offence (Subsection (5)). 369. Criterion 32.3: Any person leaving TCI must answer questions as the proper officer (a person authorised by the Collector of Customs) may put to him with respect to his baggage and anything contained therein. If not, the person commits an offence and is liable on conviction to a fine: s. 101(4) Customs Ordinance. 370. Criterion 32.4: Competent authorities may request and obtain further information from the carrier in the context of the discovery of a false declaration or disclosure of cash or BNIs: s.101C Customs Ordinance. 371. Criterion 32.5: Failure to declare and making a false disclosure are offences and carry a penalty of a fine of USD 10,000 or three times the value of the thing or cash or negotiable instruments with a value of over USD 10,000 not declared or the baggage or thing not produced, whichever is the greater: s.101 (5) Customs Ordinance. It is an offence to make an untrue declaration and the penalty is a fine of USD 20,000- or 2-years imprisonment or both: s.129 of the Customs Ordinance. The penalties are proportionate and dissuasive, as in essence the cash would be forfeited and in some instances the offender would be paying three times the value of the cash or negotiable instrument not declared. Additionally, the penalties under s.129 are proportionate and dissuasive as the fine would be 2 times the threshold to declare and may be coupled with imprisonment. 372. Criterion 32.6: An MOU is in place between the Customs Department and FIA provides
Mutual Evaluation Report of the Turks and Caicos Islands
212 │
that the FIA will provide for the exchange of information between both agencies including information relative to declaration. Additionally, s.127(1)(a) POCO provides that a person should report any suspicion or knowledge of ML or TF offence or criminal activity to the FIA as soon as practicable. 373. Criterion 32.7: There is a Joint Intelligence Unit for the coordination among Immigration, Customs and Police. The coordination has led to cash detections, assistance to the airport station police officer and communication to FCU. Identification of persons who require further scrutiny has also taken place. Additionally, the shared intelligence database Overseas Territory Regional Intelligence System (OTRIS) is used by local LEAs. Also, informal coordination exists between customs, immigration and other related authorities including the ODPP. Further, the RTCIPF and the Customs Department’s ability to coordinate efforts are provided for at s.9 Customs Ordinance, which states that it is the duty of every police officer to assist with enforcing the law. As mentioned in c.32.6, an MOU is in place between the FIA and Customs Department for exchange of information. There is also an MOU between the members of the AMLC to exchange information. 374. Criterion 32.8: (a) Customs officers are authorised to seize currency and BNIs if there are reasonable grounds to suspect that it was obtained through unlawful conduct or intended for same and includes ML and TF offence: s.101D of the Customs Ordinance. Further, s.106 POCO enable a police officer to search any premises and seize cash if he has reasonable suspicion that cash connected to a crime is on the premises, this power extends to cash that crossed borders once there is a suspicion that it is linked to crime (ML/TF included) This cash can only be seized initially for a period of 48 hours (s.107 POCO), but could be extended with a Court order. With regards BNIs it would be considered as terrorist cash (Schedule 8 (1)(2)(e) POTO) and may be seized (s.54 POTO) and the Schedule 8 procedure for forfeiture would apply. (b) The postmaster, the collector and a customs officer may seize any cash or BNIs where that officer reasonably suspects that the declaration is false or where a declaration has not been made as required: ss.101A, 101B and 101D Customs Ordinance. 375. Criterion 32.9: S. 101E Customs Ordinance provides the basis for the retention of information in relation to sub criteria (a) to (c). Additionally, all declarations records are stored by the Customs Department and scanned into a computer system. The information required to be kept are (a) the details of the declarations made under ss.101 to 101B; details of breaches of ss.101 to 101B; and any seizure of cash or negotiable instruments. The Customs Ordinance does not make specific provision for the retention of identification data of the bearer. However, the declaration form used by the Customs Department captures the information required by this criterion. 376. Criterion 32.10: Information may only be disclosed pursuant to ss. 150 and 151 POCO (see c.32.9). Additionally, any person who (a) being in possession of confidential information, however obtained; (i) divulges it to any person not entitled to possession thereof; or (ii) attempts, offers or threatens to divulge it to any person not entitled to possession thereof; (b) obtains or attempts to obtain confidential information, to which he is not entitled, commits an offence (s. 4(1) Confidential Relationships Ordinance). Also, the disclosure of information to unauthorised persons is prohibited (s.7 Customs Ordinance). These conditions do not restrict trade payments between countries for goods and services or the freedom of capital movements, in any way. 377. Criterion 32.11: The sanctions regime that is available is proportionate and dissuasive. Persons engaged in cross-border transportation of cash or BNIs suspected to represent the
Mutual Evaluation Report of the Turks and Caicos Islands
│ 213
proceeds of crime can be charged with an ML offence and face the penalty prescribed in c.3.9. Should the cash or BNIs in question represent terrorist property the individuals can be changed in accordance with the POTO and subject to penalties identified in criterion 5.6. Cash that represents criminal property that has not been declared can be subject to both civil and criminal recovery proceedings in accordance with the POCO and POTO (see R.4). Weighting and conclusion 378. R.32 is rated Compliant. Recommendation 33 – Statistics 379. This Recommendation (formerly R. 32) was rated PC in the 3rd Round MER. The main deficiencies were that comprehensive statistics were not maintained by all competent authorities and the TCI was not reviewing the effectiveness of its systems for combating money laundering and terrorist financing on a regular basis. The follow-up process concluded that it was still unclear that comprehensive statistics were being maintained by competent authorities or that there is a review of statistics to determine the effectiveness of the systems to combat ML and TF on a regular basis. 380. Criterion 33.1: (a) The FIA collects, compiles and annually publishes statistical information relating to disclosures to the FIA and any disseminations (s.5(2)(d) and (f) FIAO). 381. (b)The AGC and the DPP’s Office maintain statistics on prosecutions and convictions. The FCU maintains statistics in relation to ML/TF investigations (cases) carried out independently without a prior STR, including the number of persons charged, prosecutions commenced and first instance and final convictions. Additionally, the judiciary also maintains records of all convictions in their Court of Record (s.102 Magistrate’s Court Ordinance). This record also assists in providing statistics on convictions which relates to ML/TF. Penalties imposed for ML offences are not comprehensive (see Chapter 3 - Table 3.20). 382. (c) The AGC and the ODPP Office maintain statistics on property frozen, seized and confiscated. The Court also maintains comprehensive data in relation to proceedings filed (s. 103 Magistrate’s Court Ordinance), which includes any confiscations and seizures which results from prosecutions. The level of detail of the types of assets restrained can improve (see Chapter 3 – Table 3.21). 383. (d) Statistics for MLA and international requests for co-operation made and received are kept by the AGC. The Chief Justice maintains a record of all applications relating to MLA requests which are made to the Supreme Court. The Chief Magistrate also maintains statistics on this subject matter (s.103 Magistrate’s Court Ordinance). Weighting and conclusions 384. Information provided by the authorities demonstrated that some statistics are maintained. Penalties imposed for ML offences are not comprehensive. The level of detail of the types of assets restrained can improve. R.33 is rated Largely Compliant. Recommendation 34 – Guidance and feedback 385. This Recommendation (formerly R. 25) was rated NC in the 3rd Round MER because of gaps in the training and guidance provided to FIs and DNFBPs. The FCU was not issuing reports on statistics, trends and typologies on ML/TF to regulated entities. The DNFBP supervisor did
Mutual Evaluation Report of the Turks and Caicos Islands
214 │
not provide requisite training and guidance to DNFBPs to allow for adequate implementation of new AML/CFT requirements adequate. Other gaps included training and guidance for DNFBPs regarding their AML/CFT obligations. 386. Criterion 34.1: In furtherance in s.118(9) POCO, Guidance notes were issued with the AML/PTF Code in 2010 to the FIs and DNFBPs. AMLR and AML/PTF Code requirements and expectations are also regularly underscored in the course of the regular programme of monitoring and on-site examinations. Additionally, the FSC has issued a number of guidelines on a number of topics including fit and proper test, politically exposed persons, bank licensing, risk management and controls for insurance companies and responsibilities of insurance managers. The Gaming Inspectorate has not provided any AML/CFT guidance to the gaming industry. 387. Further the FIA has provided feedback to entities on SAR quality, content, indicators, outcome of matters as deemed necessary to enhance and improve reporting entities in the reporting of suspicious transactions. The FIA also provides guidance on SAR reporting that is made available via their website and conduct outreach and awareness programmes in conjunction with the FSC to reporting entities. This includes participating in conferences, seminars, presentations and other events providing feedback on compliance with AML/CFT legislation. The FIA provides feedback in the form of its annual report (s.5(2)(f) FIAO). Weighting and Conclusion 388. Both the FSC and FIA have provided guidance to FIs and DNFBPs particularly relating to their reporting obligations. However, no guidance relating to TF and TFS has been provided to the sectors. Further, the gaming industry has not been provided with any AML/CFT guidance. R.34 is rated Partially Compliant. Recommendation 35 – Sanctions 389. This recommendation (formerly R. 17) was rated PC in the 3rd Round MER because the assessors found that the then existing sanctions were not effective or dissuasive; financial sanctions could not be applied by the supervisor without a court order; and that the sanctions available under AMLR in respect of Regulation 10 were not defined in legislation. The authorities made progress in addressing the deficiencies with the enactment of the Financial Services (Financial Penalties) Regulations, 2010) and the AMLR. 390. Criterion 35.1: Sanctions for Recommendation 6: No person must deal with or make the funds or financial services or economic resources available to designated persons or for their benefit: ss.11-15 TAFA. The penalty for contravention of these ss. is on conviction on indictment to imprisonment for a term not exceeding 7 years or a fine or both and on summary conviction to imprisonment for a term not exceeding the relevant maximum or to a fine not exceeding the statutory maximum or both: s.32 (1) TAFA. There are offences related to licences or confidentiality requirement which can lead to imprisonment not exceeding 2 years, fine or both on indictment or up to 6 to 12 months for summary conviction or a fine or both on summary conviction: s.32(2) TAFA. Further, offences related to breaches of reporting conditions or information requests can lead on summary conviction to imprisonment of up to 6 months to 55 weeks or a fine or both: s.32(4) TAFA. These penalties appear to be proportionate and dissuasive. 391. Sanctions for Recommendation 8: Sanctions are applied under the NPOR and may take the form of refusal to register (Regulation 9(1) (a)-(d)), de-registration (Regulation 10), disciplinary action in the form of administrative penalty (financial sanctions) (Part V-
Mutual Evaluation Report of the Turks and Caicos Islands
│ 215
Regulations 16-19). The administrative penalty shall not be a sum greater than what is provided for contraventions of the AMLR and AML/PTF Code (Regulation 16(4)). Therefore, sanctions can range from USD 25,000-100,000. Generally, the sanctions are dissuasive and proportionate. However, as noted in criterion 8.4(b), with respect to de-registration the fine of USD 50,000 for unlawful operation without registration may not be dissuasive. 392. Sanctions for Recommendations 9 to 19: The FSC may take enforcement action pursuant to s.33 FSCO against a licensee. The FSC powers include revoking or suspending a license (s.34 FSCO), issuing a directive (s.37 FSCO) and imposing a financial penalty (ss.34 and 45 FSCO). Further, the FSC can impose up to USD 200,000 (Schedule 1 Financial Services (Financial Penalties) Regulations). The FSC may petition the court for the winding up of the licensee company (s.33(2) FSCO). Also, s.57 FSCO provides for a penalty for a criminal offence committed by a body corporate to a director or officer of a licensee. Sanctions for contraventions of AML/CFT requirements are also outlined Schedule 3 AMLR. Ss.161(5)(6) POCO relate to AML/CFT enforcement action, and particularly subsection (6) states that where a breach of the AMLRs constitutes an offence, the taking of enforcement action by a supervisory authority does not prevent the financial business being also prosecuted for the offence. These offences are failure to apply CDD, EDD and other on-going measures, failure to cease transaction where unable to conduct CDD or EDD, failure to have the requisite policies and controls to detect ML/TF, failure to keep records and conduct training (Regulations 11, 12, 13, 17, 18 and 20 AMLR). Conviction on summary conviction for these offences results in a fine of USD 50,000. Other offences include entering into business with a shell bank, anonymous account or numbered account (Regulation 16) which carries a fine of USD 100,000 and failure to have a MLRO (Regulation 21) which carried a fine of USD 25,000. Based on the information provided, there is a broad range of proportionate and dissuasive administrative sanctions. 393. Sanctions for Recommendation 20: Failure to file STRs/SARs is an offence punishable on summary conviction to imprisonment for a term of 12 months or a fine of USD 100,000 or to both; or on conviction on indictment, to imprisonment for a term of 5 years or a fine without limit or to both (ss.127(3) and (9) POCO). These sanctions are proportionate and dissuasive as persons can be imprisoned and fine, and where it is conviction on indictment there is no limitation to the fine that a person (legal or natural) can receive. 394. Sanctions for Recommendation 21: A person who engages in tipping off commits an offence which is punishable on summary conviction, to imprisonment for a term of 12 months or a fine of USD 50,000 or to both; or on conviction on indictment, to imprisonment for a term of 5 years or a fine without limit or to both (s.129(3) POCO). 395. Sanctions for Recommendations 22-23: There are a range of sanctions available to the FSC. Schedule 3 AMLR list a number of violations including failure to apply required CDD measures and failure to apply enhanced due diligence. The FSC may take enforcement action against a DNFBP: s.165 POCO. This includes issuance of a directive (s.166), cancellation of registration (s.167) and taking disciplinary action (s.168). Where disciplinary action is taken against a DNFBP an administrative penalty may be imposed (ss.168(3) and (4)) and if the conduct amounts to an offence, the DNFBP may also be prosecuted for the offence (s.168(7)). A DNFBP that fails to comply with a directive issued under s.166 POCO section is guilty of an offence and is liable on summary conviction, to imprisonment for a term of 12 months or to a fine of USD 50,000 or to both. 396. The administrative penalties to which DNFBPs can be subjected are embodied under
Mutual Evaluation Report of the Turks and Caicos Islands
216 │
Schedule 3 AMLR, which provides for a range of AML/CFT violations such as failing to apply required CDD measures and enhanced due diligence. The penalties range from a minimum of USD 2,500 for breaches relating to recordkeeping obligation for example, to a maximum of USD 7,500 for establishing anonymous accounts or accounts in fictitious name. 397. Casinos are the only DNFBP in the gaming industry that are subject to these sanctions. While s.101(7) Gaming Control Ordinance requires gaming operators to give regard to the measures set out for DNFBPs under the POCO, the AMLR and the AML/PTF Code, s.23(2) POCO limits the Gaming Inspectorate supervisory authority under that provision to casinos. Only casinos are therefore subjected to the enforcement provisions under ss. 165-170 POCO, not the remainder of the gaming industry. 398. In addition to the above, under the AMLRs and the AML/PTF Code only financial businesses are obligated to comply with the requirements under the Code. Therefore, a natural or legal person who is not a financial business is exempt from this requirement. Further, an additional sanction is imposed, namely imprisonment for non-payment of a fine (s.157 POCO). The Court may impose a maximum penalty of 10 years in prison. The POCO and the TAFA apply to both natural and legal persons. 399. Criterion 35.2: The FSC may require the licensee to remove directors, key employees and compliance officers who are not fit and proper to hold a license and to replace them (s.41 FSCO). The FSC has published Fit and Proper Guidelines detailing in paragraph 10 and Appendix 1 that a person’s past record of compliance with the AML/CFT laws is one of the criteria for consideration. Therefore, where a person contravenes the AML/CFT laws the FSC may require their removal. 400. With respect to the DNFBP sector, all DNFBPs (natural and legal) are subject to the sanctions outlined in the POCO and AMLR. Also, Paragraph 3 (b) AML/PTF Code extend the provisions of the Code to directors and boards of financial business. Additionally, s.62 POTO extends liability to a partner of the partnership, or director or manager where an offence is committed under the Ordinance. Further, s.34 TAFA extends liability to directors, managers, secretary or similar officer of a body corporate. Weighting and conclusions 401. The FSC has a wide range of sanctions that can be applied against its FIs and DNFBPs, including license revocation and administrative penalties. Administrative penalties within the NPO sector are limited to recordkeeping violations that attract the same amount of penalties regardless of the nature and extent of the breach. The Gaming Inspectorate can only impose sanctions against casinos for AML/CFT breaches; it has no ability to do so with respect the rest of the gaming industry. R.35 is Largely Compliant. Recommendation 36 – International instruments 402. This recommendation (formerly R.35 and SRI) was rated PC. In the 11th FUR, R.35 and SR. I were rated PC and C respectively. The deficiencies were that the Palermo Convention and the Terrorism Financing Convention were not by extension ratified on behalf of the TCI. Not all relevant aspects of the Conventions were implemented, and the Terrorist Financing Convention had not been ratified or fully implemented. In the 13th FUR, it was noted that the TCI had taken all the necessary measures to have the ratification of the Palermo and Terrorist Financing Conventions extended by the UK. These measures have resulted in the extension of ratification
Mutual Evaluation Report of the Turks and Caicos Islands
│ 217
of the Palermo Convention and the review of extension of ratification for the Terrorist Financing Convention. 403. Criterion 36.1: The Vienna Convention and the Palermo Convention have been extended to the TCI. TCI is in the process of having the UN Convention against Corruption extended and have requested that the Terrorist Financing Convention be also extended to the jurisdiction. 404. Criterion 36.2: In TCI most of the relevant provisions of the Convention are incorporated in several pieces of legislation. However, with respect to the provisions of the Vienna Convention, no legal basis has been provided for articles 3(8), 4(a)(i) and (ii), 4(b)(i) and (iii), 4(2), 7(18), 8, 10, 11 and 17. With respect to the Palermo Convention article 8, 12(6), 15, 23, 24(3), 25, 26 have not been provided for. For the Terrorist Financing Convention, articles 9(3)(a) and (b) and 16(2) have not been provided for. As it relates to the Merida Convention, articles 14(2), 24, 29, 40, 50 and 52 are outstanding. Also, the Bribery Ordinance is not in force. Weighting and conclusions 405. The Palermo and the Vienna Convention have been extended to the TCI, however the Merida Convention and the Terrorist Financing Convention have not. Some of the articles in the respective Conventions have been implemented via domestic law. R.36 is rated Partially Compliant. Recommendation 37 - Mutual legal assistance 406. Recommendation 37 (formerly R. 36 and SR V) was rated C and LC respectively in the 3rd Round MER. The main deficiency was that the provisions of this Recommendation were not met in relation to the establishment of a Forfeiture Fund and the sharing of confiscated assets. The TCI addressed this deficiency during the 3rd Round follow-up process 407. The revised R. 36, now 37, requires that countries should have an adequate legal basis to provide cooperation and have in place all the needed mechanisms to enhance cooperation. Countries are now required to provide non-coercive assistance regardless of dual criminality provisions. The FATF Standard clarifies that the requesting country should make best efforts to provide complete factual and legal information, including any request for urgency. 408. Criterion 37.1: TCI has a sound legal framework that allows its authorities to provide a wide range of MLA in relation to ML, associated predicate offenses and TF investigations, prosecutions and related proceedings. The legal framework includes: 1) The Mutual Legal Assistance (USA) Ordinance (MLAO); 2) The Criminal Justice (International Cooperation) Ordinance (CJICO); 3) The Overseas Judgements (Reciprocal Enforcement) Ordinance; 4) The Evidence (Proceedings in Other Jurisdictions) (Turks and Caicos) Order (EPOJO), 5) POCO and 6) Tax Information (Exchange and Mutual Administrative Assistance) Ordinance (TIEAO). 409. Criterion 37.2: The Central authority for the execution of MLA requests is the Chief Magistrate under the MLAO. The Director of Exchange of Information (EOI Director) is the competent authority for tax matters under the TIEAO and the Governor or AG for the requests made under CJICO and EPOJO. Provisions have been enacted in MLAO to give effect to the Treaty including wide parameters of assistance. CJICO, Overseas Judgements Ordinance, EPOJO and TIEAO describe procedures to provide MLA. While a legal basis has not been provided, TCI in their Guideline document on Request for Mutual Legal Assistance in the TCI sets out in detail the procedures and documents needed to effect an international request from
Mutual Evaluation Report of the Turks and Caicos Islands
218 │
each relevant competent authority mentioned above. 410. The document sets out that the timely execution of request will depend on the seriousness of the case, evidence that is at risk of being concealed or destroyed, on-going offences, where the safety of witness or the public is at risk, any reasons for urgency such as statutory or custody time limits, pre-trial court appearances or court dates. Therefore, it can be concluded that those are the reasons or criteria on which cases will be prioritised. Generally, requests will be considered within 30 days unless additional time is required depending on the nature of the request. The document further sets out how to alert the authorities that a request is urgent. This document does not provide for the maintenance of a case management system to monitor the progress of requests or any other method to so do. However, the AGC has a weekly reporting system which allows for monitoring the progress on request. 411. Criterion 37.3: Article 3 MLAO sets out the limitations on assistance. These include where the request is not made in conformity with the provisions of the treaty, the request relates to a political offence or to an offence under military law which would be an offence under ordinary criminal law or the request does not establish that there are reasonable grounds for believing that the criminal offence specified has been committed and the information relates to the offence and is located in the territory of the Requested Party. Assistance may also be denied where the AG has issued a certificate to the effect that execution of the request is contrary to public interest of the Requested Party. Under Article 7 TIEAO assistance may be declined where the request is not made in conformity with the agreement, where the requested party has not pursued all means available in its own territory to obtain the information, or where the disclosure of the information requested would be contrary to public policy of the requested party. 412. Under the CJICO, a request may be refused if the request is not made in conformity with the requirements for the contents of a request, does not establish that there are reasonable grounds for believing that the criminal offence has been committed and that the information relates to the offence and is located in TCI, if the authorities in TCI would be prohibited by any law from carrying out the action requested with regard to any similar offence in the TCI, or if it is contrary to the law to grant mutual legal assistance in the circumstances to which the request relates. The bar to refusal contained in the MLAO, the TIEAO and the CJICO do not appear to be unduly restrictive or unreasonable. Additionally, the EPOJO do not contain any restrictive provisions. TCI also indicated that with respect to automatic and spontaneous requests there is no basis for refusal. 413. Criterion 37.4: (a) Tax information may be sent to the EOI Director for processing. There are no restrictions to provide assistance with respect to tax matters as the Tax Information (Exchange and Mutual Administrative Assistance) Ordinance (TIEO). However, it is important to note that s.5(2) TIEO states that tax information protected on the grounds of legal privilege will not be granted. Overall, TCI does not refuse MLA requests solely on the basis that the offence is considered to also involve fiscal matters. The legislation cited in c.37.1 do not contain provisions which bar such requests. (b) Save for legal professional privilege confidentiality and secrecy is not a bar to MLA. S.3(2) Confidential Relationships Ordinance states that it is not a breach of confidentiality if confidential information is disclosed to a police office in the execution of his duties or to any person in accordance with the provisions of any ordinance. 414. Criterion 37.5: Pursuant to s.12 MLAO, TIEO, s.120 POCO and page 6 Guideline on Request for Mutual Legal Assistance in the TCI, the information on MLA requests shall be treated as confidential.
Mutual Evaluation Report of the Turks and Caicos Islands
│ 219
415. Criterion 37.6: Dual criminality is not required for requests involving non-coercive actions, for example tax requests and other forms of assistance including service of a foreign process (Order 69 of the Rules of the Supreme Court) and identifying assets recorded in public sector registers. 416. Criterion 37.7: Dual criminality in the TCI depends on the underlying criminal conduct and not the name or category of the offence: s.5 POCO. Criminal conduct is a conduct which constitutes an offence in the TCI or would constitute an offence in the TCI if it had occurred in the TCI. 417. Criterion 37.8: (a) - (b) Various competent authorities can be involved in providing MLA and assisting with the processing of the request. The full investigative powers of authorities such as the RTCIPF may be used for legal assistance requests. However, Production Orders may be applied for under the POCO (s.134) and POTO (s.26 and paragraphs 4 and 5 of Schedule 3). Examination of witnesses may be done under s.2(2) EPOJO and s.7 MLAO deals with production of witnesses. LEAs can request assistance for information (to be used for intelligence purposes) from the FIA (ss.5 and 28 FIAO). The FSC pursuant is able to obtain and require the production of documents from legal persons and legal arrangements (s.23 FSCO). Further, the IC is able to obtain production documents (s.30). However, as noted under c.31.2 there are no measures in place for conducting controlled delivery operations. Weighting and Conclusion 418. TCI has a sound legal framework that provides for MLA contained in several instruments. According to the Guideline on Request for Mutual Legal Assistance, MLA requests should be processed within 30 days. There are informal mechanisms for monitoring the progress of request. The Guideline on Request for Mutual Legal Assistance set out the grounds whereby MLA requests are refused. Assistance is not refused where an offence includes fiscal matters. Secrecy or confidentiality obligations are not a ground for refusal. In the respective legislation as well as the Guideline on Request for Mutual Legal Assistance it is mandated that MLA request be treated as confidential. Dual criminality is not required to execute MLA requests for non- coercive actions. The powers and investigative techniques of the relevant competent authorities may be used for in MLA. R.37 is rated Largely Compliant. Recommendation 38 – Mutual legal assistance: freezing and confiscation 419. TCI was rated PC for R.38 in its 3rd Round MER on account that there were no administrative arrangements in place for coordinating actions relating to the seizure and confiscation actions with other countries, neither were there any arrangements in place in relation to the sharing of the assets resulting from such coordinated efforts. During the 3rd round follow- up process mutual legal assistance on confiscation and freezing was addressed through legislative measures (POCO) that provided for the recovery of instrumentalities that are intended for use in connection with unlawful conduct through civil forfeiture (tainted property); international cooperation and the enforcement of external requests and orders. There have been changes to the Recommendation since the 3rd Round MER. 420. Criterion 38.1: Schedule 4 POCO addresses all external requests and orders. All request for restraint orders are required to be addressed to the AG. (a) Although not explicitly stated in the law, the assessment team interpretation is that laundered property from the commission of a crime, including ML and TF can identified
Mutual Evaluation Report of the Turks and Caicos Islands
220 │
in the TCI. The assessment team interpretation is based on the fact that the law enforcement powers that are available under R.31 can be used to render assistance to foreign counterparts when there is a MLA (see c.37.8) and therefore can be used to identify property as some of these are meant to also identify property. Further laundered property can be restraint in accordance with schedule 4 of the POCO on an application by the AG. The law does make provision for seizing of property, as an external request in accordance with s.150 is a request by an overseas authority prohibiting the dealing with the property that is identified in the request. The AG is endowed with the power to register a confiscation order and cause properties mentioned in the order to be confiscated. (b) The definition of property within the POCO is broad and can be interpreted to include all proceeds of crimes. Proceeds of crimes can therefore be restraint in accordance with the measures in Schedule 4 of the POCO. There is however no measure to seize. (c) Instrumentalities of crime used in ML/TF or associated predicate offences can be restraint and confiscated on behalf of the requesting state using the mechanism in criterion 38.1(b). The assessment team is nevertheless unsure that instrumentalities intended for such use can be restraint and confiscated. (d) Property of correspondent value can be restrained and confiscated. As confiscation is applicable to any specified property or specified sum of money. Further, property is relevant property if there are reasonable grounds to believe that it is needed to satisfy an external order (Sec 150 (d)) -Part VI POCA). 421. Criterion 38.2: The TCI has the authority to provide assistance to requests for cooperation in relation to Civil Proceedings through its Evidence (Proceedings in Other Jurisdictions) (TCI) Order. Under s.1 and 2, the TCI can provide an array of assistance to other countries. The TCI can assist by applying to the Court on behalf of the other country for an Order to obtain evidence in civil proceedings, examine witnesses, production of documents, inspection of records or photos, preservation of evidence, detain property, take sample of property, medically examine someone on behalf of another country in accordance with s.2 of the Order. The TCI has demonstrated that they can provide assistance relative to non-conviction- based confiscation (see Chapter 3 – IO. 8). 422. Criterion 38.3: (a) Ss.150 and 151 POCO provide for international cooperation by the AG, the details of which are in Schedule 4. (b) The mechanism for managing and disposing of property frozen, seized or confiscated is reposed in schedule 4 (s.8) POCO. The court may appoint a receiver in respect of any property specified in the restraint order and confer on that receiver the power to, among others, manage or otherwise deal with the property; to take possession of the property; realise so much of the property as is necessary to meet the receiver's remuneration and expenses. 423. Criterion 38.4: There are measures which permit the sharing of confiscated property. In practice, all cash is usually given to the requesting country. Assets may be shared by informal agreement. S.13 POCO provides for assets to be confiscated. S.13(4) POCO provides the Court with the power to share confiscated assets with victims of the criminal conduct. Given the existence of this provision, where victims of the defendant’s conducts are in foreign jurisdictions, arrangements would be made on a case by case basis for the assets to be sent abroad. Additionally, it is the practice, where confiscations are made in the TCI on behalf of another
Mutual Evaluation Report of the Turks and Caicos Islands
│ 221
jurisdiction to send all the funds to the requesting jurisdiction, and arrangements are made on a case by case basis for the confiscated assets to be shared. Weighting and Conclusion 424. The TCI have mechanisms to identify, restraint and confiscate property, proceed and instrumentalities used in ML/TF and associated predicate offence. Property of correspondent value can also be restrained and confiscated. There is however no indication that competent authorities’ restraint and confiscate instrumentalities intended for use in criminal conduct. Non- conviction-based confiscation proceedings are permitted by virtue of the Evidence (Proceedings in Other Jurisdictions) (TCI) Order. TCI has measures which permit the sharing of confiscated property. R. 38 is rated Largely Compliant. Recommendation 39 – Extradition 425. This Recommendation was rated C in the 3rd Round MER. The revised FATF Standards require an adequate legal framework for extradition with no unreasonable or unduly restrictive conditions when assessing and rendering extradition requests. There should be a clear and efficient process to facilitate the execution of extradition requests, and the progress should be monitored by a case management system. 426. Criterion 39.1: S. 75 (2) Extradition Act 2003 (Overseas Territories) Order 2016 (Extradition Act) which extends the provisions of the UK Extradition Act 2003 to the TCI stipulates that the date fixed for an extradition hearing by the judge must ensure no unnecessary delay. 427. (a) ML and TF are extraditable offences as they fall within the definition of extraditable offence, namely conduct that occurred in the extradition territory; or the conduct would constitute an offence under the law of the Territory punishable with imprisonment or another form of detention for a term of 12 months or a greater punishment if it occurred in the Territory; or the conduct is punishable under the law of the extradition territory: s.137(3) Extradition Act. 428. (b) The TCI relies on the extradition case management system set up in the UK Extradition Act as extended to TCI. 429. (c) There are no unreasonable or unduly restrictive conditions on the execution of requests. The grounds for refusal of requests for extradition are found in s.70(2) Extradition Act. These grounds include where the person whose extradition is requested has a well-founded fear of being persecuted for reasons of race, religion, nationality, membership of a particular social group or political opinion, or the person whose extradition is requested has been granted leave to enter or remain in the Territory on the ground that to remove him to the territory to which extradition is requested would be in breach of his right to life or his right not to be subjected to torture or to inhuman or degrading treatment or punishment. 430. Criterion 39.2: There is no prohibition as it relates to the extradition of nationals. Extradition is possible once a valid request is made in accordance with s.70 Extradition Act. The grounds for extradition are set out in section 70(2) of the Extradition Act and nationality is not listed. Therefore, extradition of nationals of TCI is permissible. The case Re David Smith, CR 6/2010 serves as an example of TCI’s ability to extradite its own nationals. 431. Criterion 39.3: Dual criminality is required for extradition. However, an extraditable offence is defined by a person’s conduct rather than a specific category of offence or terminology:
Mutual Evaluation Report of the Turks and Caicos Islands
222 │
ss.137 and 138 Extradition Act (see criterion 39.1 (a)). 432. Criterion 39. 4: S.72 Extradition Act allows for the simplified extradition of persons who consent to their own extradition and details the appropriate procedure. In essence, the person who has been arrested under a warrant must be brought as soon as practicable before the appropriate judge (s.72(3)), the judge must inform the person of the contents of the request for extradition and give him the required information about consent (s.72 (7)) and the judge must explain the implications of the consent and that consent must be in writing and is irrevocable (s.72 (8)). Weighting and Conclusion 433. R.39 is rated Compliant. Recommendation 40 – Other forms of international cooperation 434. This Recommendation was rated PC in the previous assessment due to the lack of MOUs between the FSC and other similar bodies or by the FCU with FIUs which required MOUs for the exchange of information and the application of onerous considerations with regard to regulatory assistance under the FSCO. Additionally, it could not be ascertained whether assistance by certain competent authorities including the AGC and the FSC, was given in a rapid, constructive and effective manner due to lack of statistical detail. These deficiencies were addressed by the publication of a Handbook setting out guidelines which stipulate standard operating procedures for the processing of requests for assistance received from foreign competent authorities and the negotiation of MOUs with several Caribbean jurisdictions. 435. Criterion 40.1: The competent authorities that can provide international cooperation include the FSC, the FIA, the IC and the AGC. However, there is not provision that allows the AG to provide such cooperation spontaneously: s.151 and Schedule 4 POCO. The TIEO provides for the exchange of information for tax purposes automatically (s.6) and (s.7) spontaneously to another competent authority with whom the TCI has a bilateral agreement. Additionally, the TCI is a party to several international and regional agreements. 436. S.28 FSCO provides for the FSC to cooperate with foreign regulatory authorities, tax authorities and other persons who have functions in relation to the prevention and detection of financial crime. Cooperation includes the sharing of documents and information not prohibited by the FSCO and other legislation. S.29(3) FSCO allows for the FSC to provide information without a request to foreign regulatory authorities. S.12(l) FSCO empowers the FSC to enter into MOUs. Executed MOUs also allow for spontaneous disclosure or exchange of information. 437. International cooperation by the FIA is facilitated through powers conferred under s.117 POCO which stipulates that the FIA can disclose information to any law enforcement authority in TCI and to foreign intelligence units. The general nature of s.117 suggests that the disclosure may be conducted upon request as well as spontaneously. Ss.5(1)(c)(i) and (2)(a)-(c) FIAO allows for the FIA to request, receive and exchange information from foreign counterparts relating to the proceeds of crime, money laundering, terrorism or the financing of terrorism or the suspicion of any of these offences. Further, s.31 FIAO provides for the FIA to enter into arrangements to cooperate with foreign financial intelligence agencies or foreign law enforcement agencies. The FIA can disseminate information upon request and spontaneously under the FIAO (s.5(3)). S.15(3) Integrity Commission Ordinance (ICO) provides for the IC to disclose to both domestic and foreign law enforcement agencies any information disclosed to the
Mutual Evaluation Report of the Turks and Caicos Islands
│ 223
IC. The provision does not distinguish the exchange of information between spontaneously or upon request. 438. The RTCIPF/FCU cooperate through INTERPOL and ARIN-CARIB and is a party to the Operation Bahamas and Turks and Caicos (OPBAT) Agreement, which allows the TCI, The Bahamas and the USA to cooperate through information sharing concerning illicit trafficking. The Customs Department is a member of the Caribbean Customs Law Enforcement Council (CCLEC). Information was not provided on whether these 2 authorities can provide spontaneous information. Generally, no information was provided to indicate the speed with which the cooperation is conducted. 439. Criterion 40.2: (a) Ss. 12, 15, 28 and 51 FSCO provide for the FSC to cooperate internationally. Cooperation includes the sharing of documents and information not prohibited by the FSCO and other legislation. S.5 (2) (b) and 31 FIAO and s.117 (2) POCO give the lawful basis for the FIA to provide cooperation. The IC can disclose information to foreign law enforcement agencies (s.15(3) ICO). While the FCU cooperates through INTERPOL and the Customs Department is a member of the CCLEC no legal basis for providing cooperation was cited. 440. (b) Nothing prevents the competent authorities from utilising the most efficient means to co-operate. Specifically, the FSCO provides that the FSC shall use the most appropriate and efficient means of co-operation (s.28(3)). 441. (c) Dissemination of ‘protected information’ can be to the Governor, local law enforcement agencies, the local court as required or permitted, the MLRA or to a foreign regulatory authority upon written request (s.51 FSCO). The FIA uses the Egmont Secure Web (ESW) for the spontaneous communication and to share intelligence. Customs uses the CCLEC and it was indicated that where information is shared informally, restricted or confidential information is sent through the Controller of Customs secured government issued email address. The FCU by virtue of being a department with the RTCIPF can disseminate information through Interpol which is a secure website. There is no secure means of communication for the FSA to disseminate information. 442. (d) The FSC is empowered to sign MOUs: s.12 FSCO. The MOUs provide general procedures for the processing of assistance requests which are required to be completed in a reasonable time i.e. no more than 3 months. However, the MOUs do not have clear processes for the prioritisation and timely execution of requests. The other competent authorities are also deficient in this area. 443. (e) S.47 ICO imposes confidentiality obligations on all staff of the IC except for when disclosure is required under law. The FSC has established procedures in a Regulatory Cooperation Handbook. All employees and officers of the FSC are bound to restrictions on the disclosure of information: s.50 FSCO. S.47 ICO imposes confidentiality obligations on all staff of the IC except for when disclosure is required under law. It was indicated that information shared through ESW and INTERPOL is governed by the EGMONT Principles and INTERPOL Rules’ confidentiality clauses respectively. The FIA and Customs are prohibited from disclosing any information they would have received in accordance with their mandate (s.27B of the FIAO and s. 7 of the Customs Ordinance. The FIA is further required to have confidentiality measures in place regarding the safety of information (s.30B of the FIAO). Public Servants and employees, inclusive of FSCR and FCU staff are also prohibited from disclosing information that may have
Mutual Evaluation Report of the Turks and Caicos Islands
224 │
been provided in confidence (s.21 Public Service Ordinance). 444. Criterion 40.3: Although MOUs and Bilateral Agreements are not needed to co-operate, the FSC, FIA, Border Control and Customs Department have signed several MOUs. The EOI has bilateral and multilateral agreements, MOUs and protocols with foreign counterparts. TCI is also a party to a multi-lateral agreement concerning country by country reporting for tax purposes. However, there is no information available for the IC regarding the requirements of this criterion 445. Criterion 40.4: The AGC, FIA, EOI provide feedback to foreign counterparts, on the use of the information provided in keeping with its obligations under ss.28-32 FIAO. Also, feedback is provided pursuant to the 19th Egmont Principle which states that ‘Upon request and whenever possible, FIUs should provide feedback to their foreign counterparts on the use of the information provided, as well as on the outcome of the analysis conducted, based on the information provided’. Further, ss. 6 and 7 TIEO provide for the exchange of information on request and spontaneous exchange of information for tax purposes. There is no provision for LEAs to provide feedback. 446. Criterion 40.5: (a, b &c) The FSC is authorised to share information with its foreign counterparts and other persons outside of the island who have functions relative to the detection and prevention of financial crimes (s.28 of the FSCO). S.29 FIAO empowers the FIA to disclose information if it is for the purpose of enabling or assisting them in the execution of their functions or to the AG. Additionally, the only restriction placed on the exchange of information with respect to the IC is that information shall not be disclosed to unauthorised persons: s.47 ICO. There is no indication that the restrictions in sub-criteria a, b and c on the exchange of information with foreign counterparts apply to the FIA, FSC and the RTCIPF/FCU. 447. Criterion 40.6: S.29(2) FSCO limits the FSC to provide assistance only to those requests that it considers reasonable for the foreign regulatory authority to carry out its regulatory functions. Subsection 29(5)(d) stipulates that the FSC, in determining whether to deny or accede to a request may consider whether the information or documentation is relevant to the enquiries to which the request relates. Additionally, subsection 29(7)(b) requires the FSC to accede to a request only if it is satisfied that the foreign regulatory authority is subject to adequate legal restrictions on further disclosure of the information and documents and that such disclosure or any action taken on the information and documents will not be taken without written permission of the FSC. The above measures establish controls and safeguards for the exchange of information by the FSC in accordance with the requirements of the criterion. Information about similar legislative provisions regarding the FIA, IC and the FCU/RTCIPF has not been submitted. However, the FIA has MOUs with a number of agencies including the IC, FSC, RTCIPF and Revenue Control Unit. The MOUs contain a clause which states that the information received will only be used for purposes relevant to investigating or prosecuting the relevant offences. Further, that the information will not be disclosed without the written consent of the providing authority (see paragraph 4(a) of the MOUs). 448. Criterion 40.7: s.50(1) FSCO defines ‘protected information’ to include information obtained from a foreign regulatory authority or a law enforcement authority. S.50(4) FSCO stipulates that protected information cannot be disclosed without the consent of the person from whom the information was obtained. However, s.51 FSCO provides for disclosure of protected information exempted from the requirements of s.50. As such, dissemination of ‘protected information’ can be made under s.51 FSCO to the Governor, local law enforcement agencies, the
Mutual Evaluation Report of the Turks and Caicos Islands
│ 225
local court as required or permitted, the MLRA or to a foreign regulatory authority upon written request. S.29(7)(b) FSCO allows for the FSC to refuse a request for information if it is not satisfied that the foreign regulatory authority is not subject to adequate legal restrictions on further disclosure of the information or documents requested. The above measures require the FSC to maintain appropriate confidentiality and protection for exchanged information. The FSC can also refuse to provide information if the requesting authority does not have appropriate restrictions against further disclosure of the information. 449. Every officer, member and staff of the IC has an obligation not to divulge any information received in the course of their duty except where the information is required for the purpose of complying with a written law in the TCI or for the prosecution of an offence: s.97 ICO. Additionally, s.47 ICO, which deals with treating all information and records with confidentiality and secrecy was extended to the MOU between the IC and the Land Registry. While these provisions allow for confidentiality of information there is no requirement to refuse to provide information if a requesting authority cannot protect the information effectively. 450. Employees of the FIA shall keep information confidential unless the information is required to be disclosed by law: s.30A FIAO. Further, the FIA adheres to the Egmont Principles set out in paragraphs 28-33. No information has been provided about the FCU/RTCIPF concerning this criterion. 451. Criterion 40.8: The FSC, on the written request of a foreign regulatory authority and subject to such appropriate condition, to require specific persons to produce information or documentation (s.29(1)(a) FSCO). Specific persons include licensees, former licensees, a person that FSC reasonably believes to be carrying on, or to have at any time carried on, unauthorised financial services business, a person connected with any of the persons mentioned above or any person the FSC reasonably believes is in possession of documents. S.5(1)(c) and 5 (2) (b) authorised the FIA to conduct enquiries and share information relative to proceeds of crime, ML and TF. The AGC is empowered to enforce external orders as outlined in Schedule 4 POCO: ss.150 and 151 POCO. The FCU and the Customs department can conduct enquiries on the behalf of their foreign counterparts by virtue of being members of Interpol (Global Policing Goals) and CCLEC respectively. There is no indication that the IC as a competent authority can conduct inquiries on the behalf of foreign authorities. 452. Criterion 40.9: There is no restriction on the FIA to share or provide any cooperation to competent authorities regardless of their type. The FIA’s functions (s.5 (2) (a) FIAO) includes the receipt of requests for information from a foreign financial intelligence authority concerning the proceeds of crime, ML, terrorism or TF or the suspected proceeds of crime, suspected ML, suspected terrorism or suspected TF. 453. Criterion 40.10: The FIA, as part of its functions (s.5 (1) (c) (i) FIAO) is required to provide feedback on the information provided by any foreign financial intelligence authority disclosed to it, or obtained by it under the FIAO, the POC or any other enactments. The related analytical function is found at s.5 (1)(c) FIAO. 454. Criterion 40.11: The FIA has the power to request, access, exchange, receive, process, maintain, correlate, store, analyse, interpret and provide feedback on information (including information from any foreign financial intelligence authority) disclosed to it, or obtained by it for the purposes of the FIAO, POCO or any other enactment (s.5(1)(c) FIAO). The above provision gives the FIA the power to exchange all information required to be accessible or
Mutual Evaluation Report of the Turks and Caicos Islands
226 │
obtainable directly or indirectly by the FIA. There is no restriction on the broad powers of the FIA, and they are able to exchange information subject to the principle of reciprocity. 455. Criterion 40.12: The FSC is able to cooperate with foreign regulatory authorities, tax authorities and other persons who have functions in relation to the prevention and detection of financial crime: s.28 FSCO. Cooperation includes the sharing of documents and information not prohibited by the FSCO and other legislation. The FSC is empowered to provide information without a request to foreign regulatory authorities (s.29(3) FSCO). The FSC is empowered to enter into MOUs which allow for spontaneous disclosure or exchange of information (s.12(l) FSCO). The above measures allow for the FSC to cooperate with foreign competent authorities including the spontaneous sharing of information. 456. Criterion 40.13: The FSC has a duty to cooperate with foreign regulatory authorities or other persons who have functions in relation to the prevention or detection of financial crimes: s. 28 FSCO. Further, the FSC has the power to disclose information in fulfilling its duty to cooperate with foreign regulatory authorities: s.29 (1)(d) FSCO. The cooperation may include the sharing of documents and information which the Commission is not prevented from disclosing. 457. Criterion 40.14: S.28(2) FSCO defines the permitted co-operation of the FSC with foreign regulatory authorities, competent authorities and other persons who have functions in relation to the prevention or detection of financial crimes to include sharing of documents and information which the FSC is not prevented from disclosing by any ordinance. S.29 in detailing the provision of assistance to foreign regulatory authorities, includes the disclosure of information and documentation. 458. Criterion 40.15: As outlined under criterion 40.8 above, s.29 FSCO, permits the FSC, in providing assistance to foreign authorities, to exercise its powers to issue Notices to Produce, execute applications to a Magistrate to examine and appoint examiners. In addition, the FSC may also conduct compliance visits upon the request of a foreign authority (s.31(6) FSCO) and is also legally empowered to permit a foreign regulator to participate in a compliance visit undertaken by the FSC (s.32 (6)). 459. Criterion 40.16: The disclosure of protected information received by the FSC and its employees without the consent of the person from whom the information was obtained is prohibited (s.50 (4) FSCO) and is considered a breach (s.50(5) FSCO). Further, s.51 FSCO which addresses ‘gateways for disclosure of information’ stipulates that s.50 FSCO does not apply to disclosures required or permitted by any court of competent jurisdiction in the TCI. There are no provisions under the legislation or otherwise to address the requirement for the requesting financial supervisor to promptly inform the requested authority that the requesting financial supervisor is under a legal obligation to disclose or report the information. 460. Criterion 40.17: The IC is empowered to disclose to a law enforcement agency including a foreign law enforcement agency any information disclosed to the IC (s.15(3) ICO). This measure allows the IC to share information with foreign counterparts for any purpose. The FCU/RTCIPF would normally share intelligence with international partners once they meet the requirements of law enforcements e.g. Interpol. Additionally, the RTCIPF has an MOU with the FIA which allows them to exchange information. The information received from the RTFCIPF can be shared by the FIA with foreign counterparts for intelligence or investigative purposes. The Customs Department is a member of the CCLEC and use this avenue to share information
Mutual Evaluation Report of the Turks and Caicos Islands
│ 227
with foreign counterparts. Additionally, through their MOU with the FIA, information obtained from the Customs Department can be shared by the FIA with its foreign counterparts for investigative or intelligence purposes. 461. Criterion 40.18: The RTCIPF, as a member of INTERPOL, is able to use their powers including any investigative techniques when conducting inquiries locally to assist foreign jurisdictions under the rules of INTERPOL. Also, the Customs Department as a member of CCLEC can exchange information internationally with Customs Departments in the Caribbean. Additionally, the Ministry of Border Control is a party to the Advanced Finger-printing Information System and the Advanced Passenger Information System whereby they can access critical information on passengers who have travelled to the TCI to assist foreign jurisdictions. 462. Criterion 40.19: The MOU that is currently in place between the United Kingdom Territories and the Bermuda allow for the exchange of human resources between the different LEAs to investigate serious crimes, ML and TF. By virtue of this MOU, there is provision to form joint investigative team between the TCI and these territories. The TCI has also demonstrated that they have form joint investigative team with other agencies from different countries. Nevertheless, there is no evidence as to the measures that allows for the forming of joint investigative team between LEAs outside those that are mentioned in the introductory sentence. 463. Criterion 40.20: The FIA by virtue of being a member of Egmont Group can disseminate information indirectly to its non-counterparts when same is requested by a foreign FIU on the behalf of that agency. The ODPP and the FCU are members of ARIN-CARIB, an informal information sharing network within the Caribbean that consist of different law enforcement, prosecutorial and asset recovery agencies can exchange information indirectly with their counterparts through this medium. The FSC can also exchange information with any foreign competent authority outside of the island that is involved in the detection of financial crimes (s.26(1) of the FSCO). There is no evidence that the AGC and the IC are in compliant with this criterion. Weighting and Conclusion 464. Most of the Competent Authorities are either required in their respective laws or through bi-lateral and multilateral agreements to share information with foreign counterparts. The FIA, ODPP and LEAs by virtue of being members of the organisations such as the Egmont Group, Interpol, CCLEC and Arin-Carib utilised these agencies information sharing gateways which are considered as secure to share information. There are also built in confidentiality mechanism that prevents the unauthorised disclosure of information. However, there is no mechanism for some competent authorities to refuse to provide the information when confidentiality cannot be guaranteed. Outside of the ODPP, FSC, FIA and FCU there is no provision for the other competent authorities to exchange information indirectly with non-counterparts. R.40 is rated Partially Compliant
Mutual Evaluation Report of the Turks and Caicos Islands
228 │
Summary of Technical Compliance – Key Deficiencies
Compliance with FATF Recommendations
Compliance with FATF Recommendations Recommendation Rating Factor(s) underlying the rating
1. Assessing risks & applying a PC • CDD exemptions are not based on proven low risk risk-based approach • CDD exemptions are permitted for sectors rated as medium-high and medium risk for ML • Resource allocation and implementation of measures are not prioritised in all circumstances as the RBA is at a nascent stage. • Supervisors are not ensuring that in all circumstances FIs and DNFBPs are implementing their obligations under R.1
2. National cooperation and LC • The National Strategy does not address several key risks identified by the NRA coordination and has not been subjected to any regular reviews. • Though it informs the development of AML/CFT by the authorities, the National Strategy does not serve as AML/CFT policies that guide routine operations and practices of respective authorities. • Cooperation between the authorities to combat PF is not evident. 3. Money laundering offence C 4. Confiscation and provisional C measures 5. Terrorist financing offence C
6. Targeted financial sanctions LC • There is no requirement to report attempted transactions. related to terrorism & TF • The Governor is not required to provide guidance to FIs and DNFBPs on their obligations to respect a delisting or unfreezing action.
7. Targeted financial sanctions LC • There is no requirement to report attempted transactions related to proliferation related to proliferation financing. • The Governor is not required to provide guidance to FIs and DNFBPs on their obligations to respect a delisting or unfreezing action.
8. Non-profit organisations PC • The regime does not outline the periodic reassessment of risks posed to the sector, nor measures to encourage NPOs to conduct transactions via regulated financial channels. • The risk assessment conducted on NPOs is not comprehensive and reasonable. • The sanction regime particularly in relation to unlawful operation of NPOs that should be registered is not sufficiently dissuasive. • No evidence of work being undertaken with NPOs to develop and refine best practices to address TF risk and vulnerabilities. • The mechanisms to report NPOs under c.8.5(d) is not appropriate and is limited.
Mutual Evaluation Report of the Turks and Caicos Islands │ 229
9. Financial institution secrecy C laws 10. Customer due diligence PC • The absence of the requirement for proof of existence and powers regulating and binding the legal person or arrangement. • Beneficial owner does not include a natural person on whose behalf a transaction is being conducted and as such the requirements of c.10.5 do not apply to such individual. • There is no requirement to understand the nature of the ownership and control structure. • Legal arrangements are not required to provide the powers that regulate and bind them for CDD measures. • There is no requirement to verify the identity of persons in positions equivalent or similar to trust for other types of legal arrangements. • No requirement for FIs to apply CDD measures to existing customers on the basis of materiality. • Long terms and investment linked insurance products do have a requirement that verification should occur at the time of the pay-out • There are no measures addressing the likelihood of the CDD process tipping off a customer. 11. Record keeping C 12. Politically exposed persons C
13. Correspondent banking PC • No requirement for financial businesses to gather information about whether the respondent institution has been subjected to regulatory actions. • The requirements in the AML/CFT Code applies to banks which by definition in the Code does not cover MVTS, underwriting and placement life insurance and other investment related insurance as required by the definition of FIs in the FATF Standards.
14. Money or value transfer PC • There are no pro-active measures which are taken to identify natural or legal services persons which carry on MVTS business without a licence.
15. New technologies PC • The requirements of c.15.1 do not apply to the country.
16. Wire transfers PC • PSPs do not seemingly meet the definition of FIs as they are not included in the list of FIs and DNFBPs in the Regulation. Therefore, the requirements under this Recommendation that applies to PSPs do not apply to all FIs. • No obligation for FIs to ensure that all cross-border wire transfer over USD/Euro 1000.00 is accompanied by required beneficiary information. • No requirement for batch file to contain full beneficiary information that is fully traceable with the beneficiary country. • PSPs are not required to determine all information from both the beneficiary and originator side in order to make a determination whether a STR should be filed.
17. Reliance on third parties PC • The requirements for reliance of third party for CDD is not fully satisfied given the deficiencies in TCI’s laws on recordkeeping and CDD rules, which third parties are required to satisfy under TCI laws. 18. Internal controls and foreign C branches and subsidiaries 19. Higher-risk countries PC • The ability to apply countermeasures pursuant to a call by the FATF is discretionary. • There is no requirement that countermeasures be proportionate to the risk.
Mutual Evaluation Report of the Turks and Caicos Islands 230 │
• The country does not have the ability to apply countermeasures independent of any calls to do so by FATF. 20. Reporting of suspicious C transaction 21. Tipping-off and C confidentiality 22. DNFBPs: Customer due PC • No express requirement for real estate agents to apply CDD as regard both the diligence purchasers and vendors of property. • Casinos are only required to conduct CDD measures within the threshold amount for a single transaction, not also multiple transactions that are linked • Deficiencies identified in Recommendation 10 is also applicable to DNFBPs
23. DNFBPs: Other measures PC • The deficiencies noted in Recommendation 19 applies to DNFBPs.
24. Transparency and beneficial LC • Risks associated with LLPs that can be created in TCI were not assessed. ownership of legal persons 25. Transparency and beneficial C ownership of legal arrangements 26. Regulation and supervision PC • Measures for ensuring that criminals or their associates do not own, control or of financial institutions manage FIs are not consistent for all types of FIs and do not cover all relevant parties. • No evidence that AML/CFT supervision and regulation of FIs is in keeping with the core principles. • No AML/CFT monitoring of DNFBPs. 27. Powers of supervisors C
28. Regulation and supervision PC • There is no vetting requirement for BOs and shareholders of gaming operations. of DNFBPs • FSC-registered DNFBPs are not subject to fit and proper assessments or other suitability and qualification requirements. • risk-based supervision by the Gaming Inspectorate can only be applied to casinos, and not to the entire gaming industry. • DNFBPs regulated by the FSC and the Gaming Inspectorate are subjected to limited to no monitoring for AML/CFT compliance. 29. Financial intelligence units C 30. Responsibilities of law C enforcement and investigative authorities 31. Powers of law enforcement LC • No authority provided for the use of controlled delivery. and investigative authorities 32. Cash couriers C
33. Statistics LC • Penalties imposed for ML offences are not comprehensive. • The level of detail of the types of assets restrained can improve.
34. Guidance and feedback PC • The Gaming Inspectorate has not provided any guidance or feedback to licensees. • No guidance has been issued on TF and TFS.
35. Sanctions LC • Administrative penalties in the NPO sector can only applied for recordkeeping violation and is limited to USD 50,000 for any breach in that category. • The Gaming Inspectorate can only impose sanctions against casinos, and not the entire gaming industry.
Mutual Evaluation Report of the Turks and Caicos Islands │ 231
36. International instruments PC • The UN Convention against Corruption and the Terrorism Financing Convention have not been extended to TCI. • Some provisions of the respective international instruments have not been implemented.
37. Mutual Legal Assistance LC • No measures are provided for the implementation of a case management system. • There are no bases for refusal of MLA under the POCO, EPOJO and Overseas Judgment Ordinance. • Shortcomings under R.31 have a cascading effect on this Recommendation.
38. Mutual legal assistance: LC • The TCI has no authority to expeditiously identify relevant property at the request freezing and confiscation of a foreign country and instrumentalities are not covered in the provisions for making restraint orders against relevant property in response to a request from an overseas authority. 39. Extradition C
40. Other forms of international PC • There are no provisions to address the requirement for the requesting financial cooperation supervisor to promptly inform the requested authority that the requesting financial supervisor is under a legal obligation to disclose or report the information. • There are no mechanisms authorising some competent authorities to provide indirect international cooperation to non-counterparts. • There is no provision to prevent some competent authorities from disclosing the information in circumstances where confidentiality cannot be guaranteed. • There is no indication that the Police is required to maintain confidentiality for any request for cooperation and information exchanged that is consistent parties’ obligation concerning privacy and data protection.
Mutual Evaluation Report of the Turks and Caicos Islands 232 │
Glossary of Acronyms56
AGC Attorney General’s Chambers AG Attorney General AML/CFT Anti-Money Laundering and Combatting the Financing of Terrorism AML/PTF CODE Anti-Money Laundering and Prevention of Terrorist Financing Code AMLC Anti-Money Laundering Committee AMLR Anti-Money Laundering Regulations ARIN-CARIB Asset Recovery Interagency Network for the Caribbean ASYCUDA Automated System for Customs Data BCBS Basel Committee on Banking Supervision BNIs Bearer-Negotiable Instruments BO Beneficial Ownership BOR Beneficial Ownership Regulations BOT British Overseas territory CCLEC Caribbean Customs Law Enforcement Council CD Customs Department CDD Customer Due Diligence CJICO Criminal Justice (International Cooperation) Ordinance CLO Criminal Law Ordinance CMLO Company Management (Licensing) Ordinance CO Companies Ordinance CRS Common Reporting Standard CSP Corporate Service Provider DEA United States’ Drug Enforcement Administration DPP Director of Public Prosecutions DPRK Democratic People’s Republic of Korea DNFBP Designated Non-Financial Businesses and Professions DOJ United States’ Department of Justice EDD Enhanced Due Diligence EOIU Exchange of Information Unit EPOJO Evidence (Proceedings in Other Jurisdictions) (Turks and Caicos) Order ESW Egmont Secure Web FATCA Foreign Account Tax Compliance Act FBI Federal Bureau of Investigation FCO Foreign and Commonwealth Office FCU Financial Crimes Unit FI Financial Institution
56 Acronyms already defined in the FATF 40 Recommendations are not included into this Glossary.
Mutual Evaluation Report of the Turks and Caicos Islands │ 233
FIA Financial Intelligence Agency FIAO Financial Intelligence Agency Ordinance FUR Follow-up Report FSC Financial Services Commission FSCO Financial Services Commission Ordinance GDP Gross Domestic Product IAIS International Association of Insurance Supervisors IC Integrity Commission ICO Integrity Commission Ordinance IFC International Financial Centre INTERPOL The International Criminal Police Organization IO Immediate Outcome IOSCO International Organization of Securities Commission IRS Internal Revenue Service LEA Law Enforcement Agency LGA Local Government Agency LLPs Limited Liability Partnerships LPO Limited Partnership Ordinance LoR Letter of Request ML Money Laundering MLA Mutual Legal Assistance MLAO Mutual Legal Assistance (USA) Ordinance MLCO Money Laundering Compliance Officers MLRA Money Laundering Reporting Authority MLRO Money Laundering Reporting Officers MOU Memorandum of Understanding MTO Money Transmitters Ordinance MVTS Money or Value Transfer Service Operators NIB National Insurance Board NPO Non-Profit Organisation NPOR Non-Profit Organisations Regulations NRA National Risk Assessment ODPP Office of the Director of Public Prosecutions OPBAT Operation Bahamas and Turks and Caicos OSINT Open Source Intelligence PCA Policing and Crime Act (Financial Sanctions) Overseas Territories Order PEPs Politically Exposed Persons PF Proliferation Financing POCO Proceeds of Crime Ordinance PORC Producer Owned Reinsurance Company POTO Prevention of Terrorism Ordinance PT Professional Trustee RBA Risk-based approach RCMP Royal Canadian Mounted Police RFB Regulated Financial Businesses RTCIPF Royal Turks and Caicos Islands Police Force SAR Suspicious Activity Report SDD Simplified Due Diligence
Mutual Evaluation Report of the Turks and Caicos Islands 234 │
SIPT Special Investigative Prosecution Team SOF Source of Funds SOP Standard Operations Procedures SOW Source of Wealth SPOC Single Point of Contact SPPD Strategic Policy and Planning Department STR Suspicious Transaction Report TAFA Terrorist Asset-Freezing Act 2010 (Overseas Territories) Order 2011 TCI Turks and Caicos Islands TCSP Trusts and Corporate Services Provider TF Terrorist Financing TFS Targeted Financial Sanction TIEA Tax Information Exchange Agreement UK United Kingdom UN United Nations UNSCR United Nations Security Council Resolution US/USA United States of America USD United States Dollar WB World Bank
Mutual Evaluation Report of the Turks and Caicos Islands │ 235
© CFATF 2020
www.cfatf-gafic.org
January 2020
Anti-money laundering and counter-terrorist financing measures – Turks and Caicos Islands Fourth Round Mutual Evaluation Report
In this report: a summary of the anti-money laundering (AML) / counter-terrorist financing (CTF) measures in place in the Turks and Caicos as at the date of the on-site visit September 10th to 21st, 2018. The report analyses the level of compliance with the FATF 40 Recommendations and the level of effectiveness of the Turks and Caicos Islands AML/CTF system and provides recommendations on how the system could be strengthened.
Mutual Evaluation Report of the Turks and Caicos Islands